Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-33813 (GCVE-0-2026-33813)
Vulnerability from cvelistv5 – Published: 2026-04-21 19:21 – Updated: 2026-06-25 19:47- CWE-190 - Integer Overflow or Wraparound
| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/image | golang.org/x/image/webp |
Affected:
0 , < 0.42.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-33813",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-22T15:23:43.643284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T15:34:46.427Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/image/webp",
"product": "golang.org/x/image/webp",
"programRoutines": [
{
"name": "decode"
},
{
"name": "Decode"
},
{
"name": "DecodeConfig"
}
],
"vendor": "golang.org/x/image",
"versions": [
{
"lessThan": "0.42.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Tristan Madani"
}
],
"descriptions": [
{
"lang": "en",
"value": "Parsing a WEBP image with an invalid, large size panics on 32-bit platforms."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-25T19:47:15.561Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/759860"
},
{
"url": "https://go.dev/cl/780860"
},
{
"url": "https://go.dev/issue/78407"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4961"
}
],
"title": "Panic when decoding large WEBP image on 32-bit platforms in golang.org/x/image"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-33813",
"datePublished": "2026-04-21T19:21:27.644Z",
"dateReserved": "2026-03-23T20:35:32.814Z",
"dateUpdated": "2026-06-25T19:47:15.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-33813",
"date": "2026-07-01",
"epss": "0.0034",
"percentile": "0.25989"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-33813\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2026-04-21T20:16:56.387\",\"lastModified\":\"2026-06-25T20:17:10.897\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Parsing a WEBP image with an invalid, large size panics on 32-bit platforms.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"golang.org/x/image\",\"product\":\"golang.org/x/image/webp\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"golang.org/x/image/webp\",\"programRoutines\":[{\"name\":\"decode\"},{\"name\":\"Decode\"},{\"name\":\"DecodeConfig\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"0.42.0\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-04-22T15:23:43.643284Z\",\"id\":\"CVE-2026-33813\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:image:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.39.0\",\"matchCriteriaId\":\"C0501D26-73D5-4E11-80EE-77576FB64671\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/759860\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/cl/780860\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/issue/78407\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2026-4961\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-33813\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-22T15:23:43.643284Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-22T15:23:59.710Z\"}}], \"cna\": {\"title\": \"Panic when decoding large WEBP image on 32-bit platforms in golang.org/x/image\", \"credits\": [{\"lang\": \"en\", \"value\": \"Tristan Madani\"}], \"affected\": [{\"vendor\": \"golang.org/x/image\", \"product\": \"golang.org/x/image/webp\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.42.0\", \"versionType\": \"semver\"}], \"packageName\": \"golang.org/x/image/webp\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"decode\"}, {\"name\": \"Decode\"}, {\"name\": \"DecodeConfig\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/759860\"}, {\"url\": \"https://go.dev/cl/780860\"}, {\"url\": \"https://go.dev/issue/78407\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2026-4961\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Parsing a WEBP image with an invalid, large size panics on 32-bit platforms.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-190: Integer Overflow or Wraparound\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2026-06-25T19:47:15.561Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-33813\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-25T19:47:15.561Z\", \"dateReserved\": \"2026-03-23T20:35:32.814Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2026-04-21T19:21:27.644Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:24503
Vulnerability from csaf_redhat - Published: 2026-06-08 14:02 - Updated: 2026-07-01 19:49A flaw was found in Pyroscope. When Tencent Cloud Object Storage (COS) is configured as the storage backend, an attacker with access to the Pyroscope API can extract the `secret_key` value in plaintext. This issue leads to sensitive information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64 | — |
Workaround
|
A flaw was found in Tempo. A remote attacker can exploit this vulnerability by sending large queries to the Tempo service. This can lead to excessive memory allocations, potentially causing a Denial of Service (DoS) by impacting the availability of the service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64 | — |
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64 | — |
Workaround
|
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64 | — |
A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64 | — |
Workaround
|
A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64 | — |
Workaround
|
A flaw was found in Moby, an open-source container framework. This security vulnerability allows attackers to bypass authorization plugins (AuthZ), which are mechanisms designed to control access and permissions within the container environment. The bypass of these plugins can lead to unauthorized operations and potential compromise of the system's integrity and confidentiality.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64 | — |
Workaround
|
A flaw was found in OpenFGA, an authorization/permission engine. When OpenFGA is configured to use preshared-key authentication and the built-in playground is enabled and accessible beyond localhost or trusted networks, a remote attacker can exploit this vulnerability. The local server includes the preshared API key in the HTML response of the /playground endpoint, leading to information disclosure of the API key. This can allow unauthorized access to the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64 | — |
A flaw was found in github.com/gomarkdown/markdown, a Go library for parsing Markdown text and rendering as HTML. A remote attacker could exploit this vulnerability by providing a specially crafted malformed input. Specifically, input containing a '<' character not followed by a '>' character, when processed by the SmartypantsRenderer, can lead to an out-of-bounds read or a panic. This can result in a denial of service (DoS) for the application, making it unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64 | — |
Workaround
|
A flaw was found in the Apache Thrift TFramedTransport Go language implementation. This integer overflow or wraparound vulnerability could potentially allow an attacker to cause unexpected behavior or resource exhaustion, leading to a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64 | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le | — | ||
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64 | — |
A flaw was found in Apache Thrift. This vulnerability involves improper validation of a certificate with a host mismatch, which could allow a remote attacker to bypass security checks. By presenting a specially crafted certificate, an attacker may impersonate a legitimate server or client. This could lead to a security bypass, potentially enabling unauthorized access or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Multicluster Global Hub v1.7.1 general availability release images, which provide security fixes, bug fixes, and updated container images.\n\nRed Hat Product Security has rated this update as having a security impact of Important. \nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat multicluster global hub is a set of components that enable you to import one or more hub clusters and manage them from a single hub cluster.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:24503",
"url": "https://access.redhat.com/errata/RHSA-2026:24503"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-41118",
"url": "https://access.redhat.com/security/cve/CVE-2025-41118"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21728",
"url": "https://access.redhat.com/security/cve/CVE-2026-21728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32282",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33813",
"url": "https://access.redhat.com/security/cve/CVE-2026-33813"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33815",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33816",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34040",
"url": "https://access.redhat.com/security/cve/CVE-2026-34040"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-40293",
"url": "https://access.redhat.com/security/cve/CVE-2026-40293"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-40890",
"url": "https://access.redhat.com/security/cve/CVE-2026-40890"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-41602",
"url": "https://access.redhat.com/security/cve/CVE-2026-41602"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-43869",
"url": "https://access.redhat.com/security/cve/CVE-2026-43869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_24503.json"
}
],
"title": "Red Hat Security Advisory: Multicluster Global Hub 1.7.1 security update",
"tracking": {
"current_release_date": "2026-07-01T19:49:01+00:00",
"generator": {
"date": "2026-07-01T19:49:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:24503",
"initial_release_date": "2026-06-08T14:02:51+00:00",
"revision_history": [
{
"date": "2026-06-08T14:02:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-08T14:03:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T19:49:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Multicluster Global Hub 1.7.1",
"product": {
"name": "Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_globalhub:1.7::el9"
}
}
}
],
"category": "product_family",
"name": "Multicluster Global Hub"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3A90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9\u0026tag=1779925273"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3A117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9\u0026tag=1780361828"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3A056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9\u0026tag=1780615638"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-operator-bundle@sha256%3A6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle\u0026tag=1780616828"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3A4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator\u0026tag=1779887500"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3A31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9\u0026tag=1779815431"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3A1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9\u0026tag=1779925273"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3A368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9\u0026tag=1780361828"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3Ab811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9\u0026tag=1780615638"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3A9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator\u0026tag=1779887500"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3Ad509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9\u0026tag=1779815431"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3A0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9\u0026tag=1779925273"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3A58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9\u0026tag=1780361828"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3A54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9\u0026tag=1780615638"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3A0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator\u0026tag=1779887500"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3A8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9\u0026tag=1779815431"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3A3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9\u0026tag=1779925273"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3Af49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9\u0026tag=1780361828"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3A3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9\u0026tag=1780615638"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3Adfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator\u0026tag=1779887500"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3A7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9\u0026tag=1779815431"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64 as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64 as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64 as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64 as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64 as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64 as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64 as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64 as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64 as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64 as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64 as a component of Multicluster Global Hub 1.7.1",
"product_id": "Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-41118",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-04-15T20:02:03.347892+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458796"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Pyroscope. When Tencent Cloud Object Storage (COS) is configured as the storage backend, an attacker with access to the Pyroscope API can extract the `secret_key` value in plaintext. This issue leads to sensitive information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pyroscope: sensitive COS SecretKey exposed in plaintext via configuration API due to missing type protection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw allows an attacker with direct access to the Pyroscope API to extract the Tencent Cloud Object Storage (COS) `secret_key` in plaintext when COS is configured as the storage backend. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"known_not_affected": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-41118"
},
{
"category": "external",
"summary": "RHBZ#2458796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458796"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-41118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41118"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-41118",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41118"
},
{
"category": "external",
"summary": "https://grafana.com/security/security-advisories/cve-2025-41118",
"url": "https://grafana.com/security/security-advisories/cve-2025-41118"
}
],
"release_date": "2026-04-15T19:15:17.689000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-08T14:02:51+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.16/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24503"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, limit network exposure of the Pyroscope API so it is only accessible by trusted users on the internal network.",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pyroscope: sensitive COS SecretKey exposed in plaintext via configuration API due to missing type protection"
},
{
"cve": "CVE-2026-21728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-24T09:00:58.144273+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461395"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Tempo. A remote attacker can exploit this vulnerability by sending large queries to the Tempo service. This can lead to excessive memory allocations, potentially causing a Denial of Service (DoS) by impacting the availability of the service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grafana/tempo: Tempo: Denial of Service via large queries",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"known_not_affected": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21728"
},
{
"category": "external",
"summary": "RHBZ#2461395",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461395"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21728"
},
{
"category": "external",
"summary": "https://grafana.com/security/security-advisories/cve-2026-21728",
"url": "https://grafana.com/security/security-advisories/cve-2026-21728"
}
],
"release_date": "2026-04-24T08:00:47.074000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-08T14:02:51+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.16/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24503"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "grafana/tempo: Tempo: Denial of Service via large queries"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"known_not_affected": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-08T14:02:51+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.16/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24503"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"known_not_affected": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-08T14:02:51+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.16/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24503"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-33813",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-04-21T20:01:02.224363+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460221"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"known_not_affected": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33813"
},
{
"category": "external",
"summary": "RHBZ#2460221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33813",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813"
},
{
"category": "external",
"summary": "https://go.dev/cl/759860",
"url": "https://go.dev/cl/759860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78407",
"url": "https://go.dev/issue/78407"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4961",
"url": "https://pkg.go.dev/vuln/GO-2026-4961"
}
],
"release_date": "2026-04-21T19:21:27.644000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-08T14:02:51+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.16/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24503"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing"
},
{
"cve": "CVE-2026-33815",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:25.130006+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455975"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"known_not_affected": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "RHBZ#2455975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455975"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33815",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33815"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4771",
"url": "https://pkg.go.dev/vuln/GO-2026-4771"
}
],
"release_date": "2026-04-07T15:19:24.344000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-08T14:02:51+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.16/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24503"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-33816",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:14.142946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455972"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"known_not_affected": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "RHBZ#2455972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33816",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4772",
"url": "https://pkg.go.dev/vuln/GO-2026-4772"
}
],
"release_date": "2026-04-07T15:19:24.529000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-08T14:02:51+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.16/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24503"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-34040",
"cwe": {
"id": "CWE-807",
"name": "Reliance on Untrusted Inputs in a Security Decision"
},
"discovery_date": "2026-03-31T03:01:34.530713+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Moby, an open-source container framework. This security vulnerability allows attackers to bypass authorization plugins (AuthZ), which are mechanisms designed to control access and permissions within the container environment. The bypass of these plugins can lead to unauthorized operations and potential compromise of the system\u0027s integrity and confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moby: Moby: Authorization bypass vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"known_not_affected": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34040"
},
{
"category": "external",
"summary": "RHBZ#2453278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34040",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34040"
},
{
"category": "external",
"summary": "https://github.com/moby/moby/releases/tag/docker-v29.3.1",
"url": "https://github.com/moby/moby/releases/tag/docker-v29.3.1"
},
{
"category": "external",
"summary": "https://github.com/moby/moby/security/advisories/GHSA-x744-4wpc-v9h2",
"url": "https://github.com/moby/moby/security/advisories/GHSA-x744-4wpc-v9h2"
}
],
"release_date": "2026-03-31T01:36:48.205000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-08T14:02:51+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.16/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24503"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moby: Moby: Authorization bypass vulnerability"
},
{
"cve": "CVE-2026-40293",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-04-17T22:01:37.276056+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2459341"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenFGA, an authorization/permission engine. When OpenFGA is configured to use preshared-key authentication and the built-in playground is enabled and accessible beyond localhost or trusted networks, a remote attacker can exploit this vulnerability. The local server includes the preshared API key in the HTML response of the /playground endpoint, leading to information disclosure of the API key. This can allow unauthorized access to the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenFGA: github.com/openfga/openfga: OpenFGA: Information disclosure of preshared API key via playground endpoint",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important information disclosure flaw in OpenFGA, an authorization engine used in Red Hat products. The vulnerability occurs when OpenFGA is configured with preshared-key authentication and its built-in playground is enabled and exposed beyond localhost or trusted networks. The /playground endpoint, intended for development, can then reveal the preshared API key, potentially leading to unauthorized access.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"known_not_affected": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40293"
},
{
"category": "external",
"summary": "RHBZ#2459341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2459341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40293",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40293"
},
{
"category": "external",
"summary": "https://github.com/openfga/openfga/releases/tag/v1.14.0",
"url": "https://github.com/openfga/openfga/releases/tag/v1.14.0"
},
{
"category": "external",
"summary": "https://github.com/openfga/openfga/security/advisories/GHSA-68m9-983m-f3v5",
"url": "https://github.com/openfga/openfga/security/advisories/GHSA-68m9-983m-f3v5"
}
],
"release_date": "2026-04-17T20:47:06.804000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-08T14:02:51+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.16/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24503"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenFGA: github.com/openfga/openfga: OpenFGA: Information disclosure of preshared API key via playground endpoint"
},
{
"cve": "CVE-2026-40890",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-04-21T20:02:56.729456+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460245"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/gomarkdown/markdown, a Go library for parsing Markdown text and rendering as HTML. A remote attacker could exploit this vulnerability by providing a specially crafted malformed input. Specifically, input containing a \u0027\u003c\u0027 character not followed by a \u0027\u003e\u0027 character, when processed by the SmartypantsRenderer, can lead to an out-of-bounds read or a panic. This can result in a denial of service (DoS) for the application, making it unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/gomarkdown/markdown: github.com/gomarkdown/markdown: Denial of Service via malformed Markdown input",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw affecting Red Hat products that utilize the `github.com/gomarkdown/markdown` library. The vulnerability occurs when the `SmartypantsRenderer` processes specially crafted malformed Markdown input containing an unclosed \u0027\u003c\u0027 character, leading to an out-of-bounds read or application panic. A successful exploitation may lead the application using the library unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"known_not_affected": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40890"
},
{
"category": "external",
"summary": "RHBZ#2460245",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460245"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40890",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40890"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40890",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40890"
},
{
"category": "external",
"summary": "https://github.com/gomarkdown/markdown/commit/759bbc3e32073c3bc4e25969c132fc520eda2778",
"url": "https://github.com/gomarkdown/markdown/commit/759bbc3e32073c3bc4e25969c132fc520eda2778"
},
{
"category": "external",
"summary": "https://github.com/gomarkdown/markdown/security/advisories/GHSA-77fj-vx54-gvh7",
"url": "https://github.com/gomarkdown/markdown/security/advisories/GHSA-77fj-vx54-gvh7"
}
],
"release_date": "2026-04-21T19:51:53.237000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-08T14:02:51+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.16/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24503"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/gomarkdown/markdown: github.com/gomarkdown/markdown: Denial of Service via malformed Markdown input"
},
{
"cve": "CVE-2026-41602",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-04-28T10:01:16.099816+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463407"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Thrift TFramedTransport Go language implementation. This integer overflow or wraparound vulnerability could potentially allow an attacker to cause unexpected behavior or resource exhaustion, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/apache/thrift: Apache Thrift: Integer Overflow in TFramedTransport Go implementation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"known_not_affected": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41602"
},
{
"category": "external",
"summary": "RHBZ#2463407",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463407"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41602",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41602"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41602",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41602"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2026/04/28/6",
"url": "http://www.openwall.com/lists/oss-security/2026/04/28/6"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql",
"url": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"
}
],
"release_date": "2026-04-28T09:19:06.646000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-08T14:02:51+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.16/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24503"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/apache/thrift: Apache Thrift: Integer Overflow in TFramedTransport Go implementation"
},
{
"cve": "CVE-2026-43869",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-05T08:00:56.417384+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466660"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Thrift. This vulnerability involves improper validation of a certificate with a host mismatch, which could allow a remote attacker to bypass security checks. By presenting a specially crafted certificate, an attacker may impersonate a legitimate server or client. This could lead to a security bypass, potentially enabling unauthorized access or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"known_not_affected": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-43869"
},
{
"category": "external",
"summary": "RHBZ#2466660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466660"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-43869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43869"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/3hsgl1b69wzq3ry39scqbv2dhyl3j52r",
"url": "https://lists.apache.org/thread/3hsgl1b69wzq3ry39scqbv2dhyl3j52r"
}
],
"release_date": "2026-05-05T07:25:48.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-08T14:02:51+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.16/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24503"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:117a8c83568dc190f011469ea39c35ed1a16a7040397b092675e08c0630b3688_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:368e38ef2cb6f7ae5a39d8802785bc1e2ea406650f0f1572425ee9e473f7dd23_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:58d6a46e506128186ff995a3f4cace3c4644bf6dfe6aa686aa120c1948a16241_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:f49ddb5fcea92e6361346508380cab45bc6228c151354d247e17d9700e82d58e_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0d6c621066cdc9c428c9286b7dd8ce0eed831de27b385c17e3761a1d411e034b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:1f04b37cd35946131e8dd90bcec49796ae6f431d4a800b5c6de8162ab6fe0d8e_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:3a7f09a334a51b8f8d2da9871cc28d29de6c32cdfa12ccd38f43d101f18dcfff_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:90153b5c4c5deeb7abadc7ac8ebb96b9ac72825ef609e8a172cb6866f3db351d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:056a115b19ecc05e38b2211e7adcddd4bb8e691c8403598391816db8d2f29178_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3b6012d3ae4ca3c074f6a9895c7c46e3cb7c55dbbd48b2118eabe228eb06fcb1_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:54eb853bc03d77214dfc4110f6880f90b5d0b2a509941c3a0ce20e73ab978952_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:b811ad761dc45e80c61a409685f0cb18d0d87378339363185b46d56b191c7e07_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:6ef843cb38796a93ecd60deafbb6fb902f5d6d93a38023d2af736d5942f410f5_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:31dc2fb94d13afd25570799ae1a1504e918eb55d79d6360a4576f3ec14ca82f6_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7a010c71fb5d894642c4feeb8dd841e9be0745cdadc206407be15f245895f949_arm64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:8d2f906d14238270d146c26c4dc54f8e219fe0b3ac2311312173fcc75af7101b_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:d509da45ed3ead45ff85dcb8d1d88883cc815a6cd2cbdba18e813448e859c490_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:0a3e487b8271091ee4e2f5ba71475c8986592f9c634974e2a319e05a15d566bb_s390x",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:4063ad90ef97f9e81e8f75803f64cec8a72d3dc43dfc0dd58e3f6731b4dcef8d_amd64",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:9f50860471c0cb8176d3d9354877313976ee871922326547ecb8ee869e81ca61_ppc64le",
"Multicluster Global Hub 1.7.1:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:dfdd95b60e0ba33c068a4b1b02442b908b383695dffefb6cefd7a6f738986d9d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation"
}
]
}
RHSA-2026:34364
Vulnerability from csaf_redhat - Published: 2026-07-01 16:16 - Updated: 2026-07-01 22:56A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in github.com/buger/jsonparser. The Delete function, when processing malformed JSON input, fails to properly validate offsets. This vulnerability can lead to a negative slice index and a runtime panic, allowing a remote attacker to cause a denial of service (DoS) by providing specially crafted JSON data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint (`/api/v1/read`) by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service (DoS) by crashing the Prometheus process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging for Red Hat OpenShift - 6.4.6",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Logging 6.4.6 is a cluster-wide logging solution for OpenShift that collects and manages applications, infrastructure, and audit logs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:34364",
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25681",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32285",
"url": "https://access.redhat.com/security/cve/CVE-2026-32285"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33813",
"url": "https://access.redhat.com/security/cve/CVE-2026-33813"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39820",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42154",
"url": "https://access.redhat.com/security/cve/CVE-2026-42154"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42499",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_34364.json"
}
],
"title": "Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.4.6",
"tracking": {
"current_release_date": "2026-07-01T22:56:59+00:00",
"generator": {
"date": "2026-07-01T22:56:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:34364",
"initial_release_date": "2026-07-01T16:16:22+00:00",
"revision_history": [
{
"date": "2026-07-01T16:16:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-01T16:16:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T22:56:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Logging Subsystem for Red Hat OpenShift 6.4",
"product": {
"name": "Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:6.4::el9"
}
}
}
],
"category": "product_family",
"name": "Logging Subsystem for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3A20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1782412815"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256%3Ae5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=1782413532"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1782408807"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1782392885"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1782405469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1782464542"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"product_id": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256%3A303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=1782465285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3Ae0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1782392961"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3A37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1782392937"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3A23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1782393583"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3A036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1782412815"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1782408807"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3Ae4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1782392885"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1782405469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1782464542"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3A35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1782392961"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3Ae07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1782392937"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3A2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1782393583"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3Ad379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1782412815"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3Ad1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1782408807"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1782392885"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3Affcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1782405469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1782464542"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3A57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1782392961"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3A62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1782392937"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3Acaaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1782393583"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3Af5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1782412815"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1782408807"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1782392885"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1782405469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3Af278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1782464542"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3Aab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1782392961"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3A0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1782392937"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3A9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1782393583"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25681",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-05-22T16:01:08.177603+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480761"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/net/html` could enable remote attackers to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution. The flaw allows specially crafted HTML to bypass input sanitization during parsing and rendering. Red Hat products are affected if they process untrusted HTML content using the vulnerable component without additional output encoding or robust content security policies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "RHBZ#2480761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://go.dev/cl/781703",
"url": "https://go.dev/cl/781703"
},
{
"category": "external",
"summary": "https://go.dev/issue/79574",
"url": "https://go.dev/issue/79574"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5029",
"url": "https://pkg.go.dev/vuln/GO-2026-5029"
}
],
"release_date": "2026-05-22T15:01:21.975000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "To mitigate this flaw, applications processing untrusted HTML input must implement strict input sanitization and ensure all output is properly encoded before rendering. Deploying a comprehensive Content Security Policy (CSP) can restrict script execution, further reducing the attack surface. Administrators should review application configurations to ensure adequate protection against XSS.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting"
},
{
"cve": "CVE-2026-32285",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:54.925687+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451846"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/buger/jsonparser. The Delete function, when processing malformed JSON input, fails to properly validate offsets. This vulnerability can lead to a negative slice index and a runtime panic, allowing a remote attacker to cause a denial of service (DoS) by providing specially crafted JSON data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/buger/jsonparser: github.com/buger/jsonparser: Denial of Service via malformed JSON input",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32285"
},
{
"category": "external",
"summary": "RHBZ#2451846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451846"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32285",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32285"
},
{
"category": "external",
"summary": "https://github.com/buger/jsonparser/issues/275",
"url": "https://github.com/buger/jsonparser/issues/275"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4514",
"url": "https://github.com/golang/vulndb/issues/4514"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4514",
"url": "https://pkg.go.dev/vuln/GO-2026-4514"
}
],
"release_date": "2026-03-26T19:40:51.837000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/buger/jsonparser: github.com/buger/jsonparser: Denial of Service via malformed JSON input"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-33813",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-04-21T20:01:02.224363+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460221"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33813"
},
{
"category": "external",
"summary": "RHBZ#2460221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33813",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813"
},
{
"category": "external",
"summary": "https://go.dev/cl/759860",
"url": "https://go.dev/cl/759860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78407",
"url": "https://go.dev/issue/78407"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4961",
"url": "https://pkg.go.dev/vuln/GO-2026-4961"
}
],
"release_date": "2026-04-21T19:21:27.644000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
},
{
"cve": "CVE-2026-39820",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:27.800929+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net/mail` package. Applications processing untrusted email inputs via `ParseAddress`, `ParseAddressList`, or `ParseDate` functions are susceptible to excessive resource consumption, which can lead to service unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "RHBZ#2467820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://go.dev/cl/759940",
"url": "https://go.dev/cl/759940"
},
{
"category": "external",
"summary": "https://go.dev/issue/78566",
"url": "https://go.dev/issue/78566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4986",
"url": "https://pkg.go.dev/vuln/GO-2026-4986"
}
],
"release_date": "2026-05-07T19:41:19.854000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs"
},
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-42154",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-04T19:02:19.626646+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466505"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint (`/api/v1/read`) by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service (DoS) by crashing the Prometheus process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42154"
},
{
"category": "external",
"summary": "RHBZ#2466505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466505"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42154",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42154"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18584",
"url": "https://github.com/prometheus/prometheus/pull/18584"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18585",
"url": "https://github.com/prometheus/prometheus/pull/18585"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm",
"url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm"
}
],
"release_date": "2026-05-04T18:13:12.340000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint"
},
{
"cve": "CVE-2026-42499",
"cwe": {
"id": "CWE-1046",
"name": "Creation of Immutable Text Using String Concatenation"
},
"discovery_date": "2026-05-07T20:00:51.685602+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `net/mail` package of the Go standard library. A remote attacker can exploit this flaw by sending specially crafted email addresses, leading to excessive resource consumption and a denial of service in Go applications that parse email addresses using the affected library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "RHBZ#2467809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42499"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://go.dev/cl/771520",
"url": "https://go.dev/cl/771520"
},
{
"category": "external",
"summary": "https://go.dev/issue/78987",
"url": "https://go.dev/issue/78987"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4977",
"url": "https://pkg.go.dev/vuln/GO-2026-4977"
}
],
"release_date": "2026-05-07T19:41:18.615000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing"
}
]
}
RHSA-2026:7385
Vulnerability from csaf_redhat - Published: 2026-04-10 14:24 - Updated: 2026-07-01 19:51A path traversal vulnerability has been identified in the Go os package affecting the Root abstraction, where improper handling of trailing path separators could allow access to the parent directory of a configured root directory. By supplying a filename ending in "../", an attacker may be able to open the immediate parent directory of the intended Root. Although this escape does not allow traversal to higher-level ancestors or direct access to files within the parent directory, it may expose directory metadata or unintended filesystem structure if the application passes untrusted path input to Root.Open.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A CrossOriginProtection bypass has been discovered in the golang net/http package. When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
|
The Parse function permits values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed within square brackets. For example: "http://[::1]/". IPv4 addresses and hostnames must not appear within square brackets. Parse did not enforce this requirement.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the SSH Agent servers component (golang.org/x/crypto/ssh/agent). This vulnerability allows a remote attacker to cause a denial of service (DoS) by sending a specially crafted, malformed message during new identity requests. The server fails to validate the size of these messages, leading to an out-of-bounds read that can cause the program to panic and terminate.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
|
A flaw was found in golang.org/x/crypto/ssh. An attacker can exploit this vulnerability by sending specially crafted GSSAPI (Generic Security Service Application Program Interface) authentication requests to an SSH (Secure Shell) server. The server fails to validate the number of mechanisms specified in these requests, leading to unbounded memory consumption. This can result in a Denial of Service (DoS), making the SSH server unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A memory exhaustion flaw has been discovered in the golang encoding/asn1 module. Within parseSequenceOf, reflect.MakeSlice is being used to pre-allocate a slice that is needed in order to fully validate the given DER payload. The size of the slice allocated are also multiple times larger than the input DER. As a result, a malicious actor can craft a big empty DER payload, resulting in an unnecessary large allocation of memories. This can be a way to cause memory exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
|
A potential denial of service flaw has been discovered in golang's crypto/x509 module. Due to the design of the name constraint checking algorithm, the processing time of some inputs scales non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A denial of service vector has been discovered in the golang crypto/x509 module. An attacker could craft an intermediate X.509 certificate containing a DSA public key and can crash a remote host with an unauthenticated call to any endpoint that verifies the certificate chain.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
The crypto/tls conn.Handshake method returns an error on the server-side when ALPN negotation fails which can contain arbitrary attacker controlled information provided by the client-side of the connection which is not escaped. This affects programs which log these errors without any additional form of sanitization, and may allow injection of attacker controlled information into logs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) in an exposed go application if an attacker provides specially crafted HTML content.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A potential denial of service flaw has been discovered in the golang encoding/pem module. Due to the design of the PEM parsing function, the processing time for some inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs and may result in an unresponsive program should an attacker exploit it.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
|
A denial of service vulnerability has been discovered in the golang net/mail module. The ParseAddress function constructed domain-literal address components through repeated string concatenation which when parsing large domain-literal components, could cause excessive CPU consumption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the crypto/x509 package in the Go standard library. This vulnerability allows a certificate validation bypass via an excluded subdomain constraint in a certificated chain as it does not restrict the usage of wildcard SANs in the leaf certificate.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
|
A TLS connection handling flaw has been discovered in the golang crypto/tls library. During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosure if a network-local attacker can inject messages during the handshake.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the '#cgo pkg-config:' directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a '--log-file' argument to the pkg-config command. This vulnerability can lead to arbitrary file write.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Go's 'cgo tool'. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then "smuggled" into the compiled `cgo` binary. An attacker could exploit this to embed and execute arbitrary code, potentially leading to significant system compromise.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
|
A flaw was found in Golang's cmd/go module. This vulnerability allows a local attacker to achieve local code execution by downloading and building modules with specially crafted malicious version strings. On systems with Mercurial (hg) installed, this can occur when downloading modules from non-standard sources due to how external Version Control System (VCS) commands are constructed. Additionally, on systems with Git installed, providing malicious version strings to the toolchain can enable an attacker to write to arbitrary files on the filesystem. This issue is triggered by explicitly supplying these malicious version strings.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
|
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A path traversal flaw has been discovered in the golang `os` module. On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the filesystem without permitting reading or writing files outside the root.
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang.org/x/net/http2. A remote attacker can exploit this vulnerability by sending specially crafted HTTP/2 frames, which are data packets used in the HTTP/2 protocol. Due to a missing check for null values, processing these specific frames (types 0x0a through 0x0f) can cause the server to crash. This leads to a Denial of Service (DoS) condition, making the affected server unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially leading to memory corruption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data corruption, memory corruption or unexpected application behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
|
A flaw was found in Go's `archive/tar` package. A remote attacker could exploit this vulnerability by providing a maliciously-crafted archive file. When the `tar.Reader` processes an archive containing a large number of sparse regions in the "old GNU sparse map" format, it can lead to unbounded memory allocation. This can result in a Denial of Service (DoS) condition, making the affected application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the `html/template` package. This vulnerability arises from improper tracking of context and brace depth within JavaScript (JS) template literals. A remote attacker could exploit these issues to cause content to be incorrectly or improperly escaped, leading to Cross-Site Scripting (XSS) vulnerabilities. This could allow an attacker to inject malicious scripts into web pages viewed by other users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang.org/x/image/tiff. A remote attacker could exploit this vulnerability by providing a maliciously crafted Tagged Image File Format (TIFF) file. This could cause the image decoding process to attempt to allocate up to 4 gigabytes (GiB) of memory. The excessive resource consumption or an out-of-memory error would lead to a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-25-main@x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Hardened Images RPMs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "This update includes the following RPMs:",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7385",
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "external",
"summary": "https://images.redhat.com/",
"url": "https://images.redhat.com/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27141",
"url": "https://access.redhat.com/security/cve/CVE-2026-27141"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58190",
"url": "https://access.redhat.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47911",
"url": "https://access.redhat.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22873",
"url": "https://access.redhat.com/security/cve/CVE-2025-22873"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68119",
"url": "https://access.redhat.com/security/cve/CVE-2025-68119"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61732",
"url": "https://access.redhat.com/security/cve/CVE-2025-61732"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61731",
"url": "https://access.redhat.com/security/cve/CVE-2025-61731"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61725",
"url": "https://access.redhat.com/security/cve/CVE-2025-61725"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61724",
"url": "https://access.redhat.com/security/cve/CVE-2025-61724"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61723",
"url": "https://access.redhat.com/security/cve/CVE-2025-61723"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58186",
"url": "https://access.redhat.com/security/cve/CVE-2025-58186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58185",
"url": "https://access.redhat.com/security/cve/CVE-2025-58185"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58181",
"url": "https://access.redhat.com/security/cve/CVE-2025-58181"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47914",
"url": "https://access.redhat.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47912",
"url": "https://access.redhat.com/security/cve/CVE-2025-47912"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47910",
"url": "https://access.redhat.com/security/cve/CVE-2025-47910"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61730",
"url": "https://access.redhat.com/security/cve/CVE-2025-61730"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58189",
"url": "https://access.redhat.com/security/cve/CVE-2025-58189"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58187",
"url": "https://access.redhat.com/security/cve/CVE-2025-58187"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58188",
"url": "https://access.redhat.com/security/cve/CVE-2025-58188"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58183",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61728",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33809",
"url": "https://access.redhat.com/security/cve/CVE-2026-33809"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32289",
"url": "https://access.redhat.com/security/cve/CVE-2026-32289"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32288",
"url": "https://access.redhat.com/security/cve/CVE-2026-32288"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32283",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32282",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27144",
"url": "https://access.redhat.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27143",
"url": "https://access.redhat.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61727",
"url": "https://access.redhat.com/security/cve/CVE-2025-61727"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27139",
"url": "https://access.redhat.com/security/cve/CVE-2026-27139"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33813",
"url": "https://access.redhat.com/security/cve/CVE-2026-33813"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42503",
"url": "https://access.redhat.com/security/cve/CVE-2026-42503"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7385.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-07-01T19:51:03+00:00",
"generator": {
"date": "2026-07-01T19:51:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:7385",
"initial_release_date": "2026-04-10T14:24:10+00:00",
"revision_history": [
{
"date": "2026-04-10T14:24:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-07T03:11:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T19:51:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Hardened Images",
"product": {
"name": "Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:hummingbird:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Hardened Images"
},
{
"branches": [
{
"category": "product_version",
"name": "golang1-25-main@aarch64",
"product": {
"name": "golang1-25-main@aarch64",
"product_id": "golang1-25-main@aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang1.25@1.25.9-1.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang1-25-main@src",
"product": {
"name": "golang1-25-main@src",
"product_id": "golang1-25-main@src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang1.25@1.25.9-1.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang1-25-main@x86_64",
"product": {
"name": "golang1-25-main@x86_64",
"product_id": "golang1-25-main@x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang1.25@1.25.9-1.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang1-25-main@noarch",
"product": {
"name": "golang1-25-main@noarch",
"product_id": "golang1-25-main@noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang1.25-docs@1.25.9-1.hum1?arch=noarch\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang1-25-main@aarch64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:golang1-25-main@aarch64"
},
"product_reference": "golang1-25-main@aarch64",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang1-25-main@noarch as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:golang1-25-main@noarch"
},
"product_reference": "golang1-25-main@noarch",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang1-25-main@src as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:golang1-25-main@src"
},
"product_reference": "golang1-25-main@src",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang1-25-main@x86_64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:golang1-25-main@x86_64"
},
"product_reference": "golang1-25-main@x86_64",
"relates_to_product_reference": "Red Hat Hardened Images"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22873",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-02-05T00:01:17.475869+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436992"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability has been identified in the Go os package affecting the Root abstraction, where improper handling of trailing path separators could allow access to the parent directory of a configured root directory. By supplying a filename ending in \"../\", an attacker may be able to open the immediate parent directory of the intended Root. Although this escape does not allow traversal to higher-level ancestors or direct access to files within the parent directory, it may expose directory metadata or unintended filesystem structure if the application passes untrusted path input to Root.Open.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "os: os: Information disclosure via path traversal using specially crafted filenames",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security classified this issue as Moderate.\n\nThe flaw exists in a local filesystem abstraction within the Go standard library, it can also be exploited remotely in applications that accept attacker-controlled path input over a network and pass it to Root.Open without proper validation. The attack complexity is low, as exploitation requires only appending \"../\" to the supplied path. However, the impact is limited: the flaw permits opening only the immediate parent directory, not arbitrary filesystem locations or files contained within that directory. There is no direct impact on file integrity or application availability. These constraints limit the practical exposure of the issue while still represents a boundary bypass and may expose unintended filesystem metadata. The issue does not permit traversal beyond the parent directory, modification of files, or broader system compromise, thereby constraining its overall impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22873"
},
{
"category": "external",
"summary": "RHBZ#2436992",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436992"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22873"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22873",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22873"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2025/05/06/2",
"url": "http://www.openwall.com/lists/oss-security/2025/05/06/2"
},
{
"category": "external",
"summary": "https://go.dev/cl/670036",
"url": "https://go.dev/cl/670036"
},
{
"category": "external",
"summary": "https://go.dev/issue/73555",
"url": "https://go.dev/issue/73555"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/UZoIkUT367A/m/5WDxKizJAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/UZoIkUT367A/m/5WDxKizJAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4403",
"url": "https://pkg.go.dev/vuln/GO-2026-4403"
}
],
"release_date": "2026-02-04T23:05:24.803000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "os: os: Information disclosure via path traversal using specially crafted filenames"
},
{
"cve": "CVE-2025-47910",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2025-09-22T22:00:44.572202+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2397528"
}
],
"notes": [
{
"category": "description",
"text": "A CrossOriginProtection bypass has been discovered in the golang net/http package. When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: CrossOriginProtection bypass in net/http",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47910"
},
{
"category": "external",
"summary": "RHBZ#2397528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47910",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47910"
},
{
"category": "external",
"summary": "https://go.dev/cl/699275",
"url": "https://go.dev/cl/699275"
},
{
"category": "external",
"summary": "https://go.dev/issue/75054",
"url": "https://go.dev/issue/75054"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/PtW9VW21NPs/m/DJhMQ-m5AQAJ",
"url": "https://groups.google.com/g/golang-announce/c/PtW9VW21NPs/m/DJhMQ-m5AQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3955",
"url": "https://pkg.go.dev/vuln/GO-2025-3955"
}
],
"release_date": "2025-09-22T21:01:55.440000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: CrossOriginProtection bypass in net/http"
},
{
"cve": "CVE-2025-47911",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2026-02-05T18:01:23.423406+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437109"
}
],
"notes": [
{
"category": "description",
"text": "The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Quadratic parsing complexity in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47911"
},
{
"category": "external",
"summary": "RHBZ#2437109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437109"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47911"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4440",
"url": "https://github.com/golang/vulndb/issues/4440"
},
{
"category": "external",
"summary": "https://go.dev/cl/709876",
"url": "https://go.dev/cl/709876"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c",
"url": "https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4440",
"url": "https://pkg.go.dev/vuln/GO-2026-4440"
}
],
"release_date": "2026-02-05T17:48:44.562000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/html: Quadratic parsing complexity in golang.org/x/net/html"
},
{
"cve": "CVE-2025-47912",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-10-29T23:01:06.642219+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407247"
}
],
"notes": [
{
"category": "description",
"text": "The Parse function permits values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed within square brackets. For example: \"http://[::1]/\". IPv4 addresses and hostnames must not appear within square brackets. Parse did not enforce this requirement.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Insufficient validation of bracketed IPv6 hostnames in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47912"
},
{
"category": "external",
"summary": "RHBZ#2407247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47912",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47912"
},
{
"category": "external",
"summary": "https://go.dev/cl/709857",
"url": "https://go.dev/cl/709857"
},
{
"category": "external",
"summary": "https://go.dev/issue/75678",
"url": "https://go.dev/issue/75678"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4010",
"url": "https://pkg.go.dev/vuln/GO-2025-4010"
}
],
"release_date": "2025-10-29T22:10:13.435000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/url: Insufficient validation of bracketed IPv6 hostnames in net/url"
},
{
"cve": "CVE-2025-47914",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-11-19T21:01:06.202641+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416000"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SSH Agent servers component (golang.org/x/crypto/ssh/agent). This vulnerability allows a remote attacker to cause a denial of service (DoS) by sending a specially crafted, malformed message during new identity requests. The server fails to validate the size of these messages, leading to an out-of-bounds read that can cause the program to panic and terminate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: SSH Agent servers: Denial of Service due to malformed messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat products. The golang.org/x/crypto/ssh/agent library, when used in SSH Agent servers, does not properly validate the size of messages during new identity requests. A specially crafted malformed message can lead to an out-of-bounds read, causing the program to panic and resulting in a denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "RHBZ#2416000",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416000"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"category": "external",
"summary": "https://go.dev/cl/721960",
"url": "https://go.dev/cl/721960"
},
{
"category": "external",
"summary": "https://go.dev/issue/76364",
"url": "https://go.dev/issue/76364"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA",
"url": "https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4135",
"url": "https://pkg.go.dev/vuln/GO-2025-4135"
}
],
"release_date": "2025-11-19T20:33:43.126000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/crypto/ssh/agent: SSH Agent servers: Denial of Service due to malformed messages"
},
{
"cve": "CVE-2025-58181",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-11-19T21:00:50.197590+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2415997"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. An attacker can exploit this vulnerability by sending specially crafted GSSAPI (Generic Security Service Application Program Interface) authentication requests to an SSH (Secure Shell) server. The server fails to validate the number of mechanisms specified in these requests, leading to unbounded memory consumption. This can result in a Denial of Service (DoS), making the SSH server unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via unbounded memory consumption in GSSAPI authentication",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat. SSH servers utilizing `golang.org/x/crypto/ssh` and configured to process GSSAPI authentication requests are susceptible to unbounded memory consumption. An attacker can exploit this by sending specially crafted GSSAPI authentication requests, potentially leading to a denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58181"
},
{
"category": "external",
"summary": "RHBZ#2415997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415997"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"category": "external",
"summary": "https://go.dev/cl/721961",
"url": "https://go.dev/cl/721961"
},
{
"category": "external",
"summary": "https://go.dev/issue/76363",
"url": "https://go.dev/issue/76363"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA",
"url": "https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4134",
"url": "https://pkg.go.dev/vuln/GO-2025-4134"
}
],
"release_date": "2025-11-19T20:33:42.795000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via unbounded memory consumption in GSSAPI authentication"
},
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-58185",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:25.877898+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407251"
}
],
"notes": [
{
"category": "description",
"text": "A memory exhaustion flaw has been discovered in the golang encoding/asn1 module. Within parseSequenceOf, reflect.MakeSlice is being used to pre-allocate a slice that is needed in order to fully validate the given DER payload. The size of the slice allocated are also multiple times larger than the input DER. As a result, a malicious actor can craft a big empty DER payload, resulting in an unnecessary large allocation of memories. This can be a way to cause memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58185"
},
{
"category": "external",
"summary": "RHBZ#2407251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407251"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"category": "external",
"summary": "https://github.com/golang/go/commit/8709a41d5ef7321f486a1857f189c3fee20e8edd",
"url": "https://github.com/golang/go/commit/8709a41d5ef7321f486a1857f189c3fee20e8edd"
},
{
"category": "external",
"summary": "https://go.dev/cl/709856",
"url": "https://go.dev/cl/709856"
},
{
"category": "external",
"summary": "https://go.dev/issue/75671",
"url": "https://go.dev/issue/75671"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4011",
"url": "https://pkg.go.dev/vuln/GO-2025-4011"
}
],
"release_date": "2025-10-29T22:10:13.682000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1"
},
{
"cve": "CVE-2025-58186",
"discovery_date": "2025-10-29T23:01:22.260983+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407250"
}
],
"notes": [
{
"category": "description",
"text": "Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as \"a=;\", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58186"
},
{
"category": "external",
"summary": "RHBZ#2407250",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407250"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58186"
},
{
"category": "external",
"summary": "https://go.dev/cl/709855",
"url": "https://go.dev/cl/709855"
},
{
"category": "external",
"summary": "https://go.dev/issue/75672",
"url": "https://go.dev/issue/75672"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4012",
"url": "https://pkg.go.dev/vuln/GO-2025-4012"
}
],
"release_date": "2025-10-29T22:10:13.912000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http"
},
{
"cve": "CVE-2025-58187",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:54.130980+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407259"
}
],
"notes": [
{
"category": "description",
"text": "A potential denial of service flaw has been discovered in golang\u0027s crypto/x509 module. Due to the design of the name constraint checking algorithm, the processing time of some inputs scales non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: Quadratic complexity when checking name constraints in crypto/x509",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58187"
},
{
"category": "external",
"summary": "RHBZ#2407259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407259"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"category": "external",
"summary": "https://github.com/golang/go/commit/3fc4c79fdbb17b9b29ea9f8c29dd780df075d4c4",
"url": "https://github.com/golang/go/commit/3fc4c79fdbb17b9b29ea9f8c29dd780df075d4c4"
},
{
"category": "external",
"summary": "https://go.dev/cl/709854",
"url": "https://go.dev/cl/709854"
},
{
"category": "external",
"summary": "https://go.dev/issue/75681",
"url": "https://go.dev/issue/75681"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4007",
"url": "https://pkg.go.dev/vuln/GO-2025-4007"
}
],
"release_date": "2025-10-29T22:10:12.624000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: Quadratic complexity when checking name constraints in crypto/x509"
},
{
"cve": "CVE-2025-58188",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2025-10-29T23:01:39.787633+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407255"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vector has been discovered in the golang crypto/x509 module. An attacker could craft an intermediate X.509 certificate containing a DSA public key and can crash a remote host with an unauthenticated call to any endpoint that verifies the certificate chain.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impacts are limited on Red Hat products as they do not affect the host systems.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58188"
},
{
"category": "external",
"summary": "RHBZ#2407255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407255"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"category": "external",
"summary": "https://github.com/golang/go/commit/6e4007e8cffbb870e6b606307ab7308236ecefb9",
"url": "https://github.com/golang/go/commit/6e4007e8cffbb870e6b606307ab7308236ecefb9"
},
{
"category": "external",
"summary": "https://go.dev/cl/709853",
"url": "https://go.dev/cl/709853"
},
{
"category": "external",
"summary": "https://go.dev/issue/75675",
"url": "https://go.dev/issue/75675"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4013",
"url": "https://pkg.go.dev/vuln/GO-2025-4013"
}
],
"release_date": "2025-10-29T22:10:14.143000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509"
},
{
"cve": "CVE-2025-58189",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2025-10-29T23:01:57.740310+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407260"
}
],
"notes": [
{
"category": "description",
"text": "The crypto/tls conn.Handshake method returns an error on the server-side when ALPN negotation fails which can contain arbitrary attacker controlled information provided by the client-side of the connection which is not escaped. This affects programs which log these errors without any additional form of sanitization, and may allow injection of attacker controlled information into logs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58189"
},
{
"category": "external",
"summary": "RHBZ#2407260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407260"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"category": "external",
"summary": "https://go.dev/cl/707776",
"url": "https://go.dev/cl/707776"
},
{
"category": "external",
"summary": "https://go.dev/issue/75652",
"url": "https://go.dev/issue/75652"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4008",
"url": "https://pkg.go.dev/vuln/GO-2025-4008"
}
],
"release_date": "2025-10-29T22:10:12.947000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information"
},
{
"cve": "CVE-2025-58190",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2026-02-05T18:01:26.511908+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437110"
}
],
"notes": [
{
"category": "description",
"text": "The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) in an exposed go application if an attacker provides specially crafted HTML content.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Infinite parsing loop in golang.org/x/net",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58190"
},
{
"category": "external",
"summary": "RHBZ#2437110",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437110"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4441",
"url": "https://github.com/golang/vulndb/issues/4441"
},
{
"category": "external",
"summary": "https://go.dev/cl/709875",
"url": "https://go.dev/cl/709875"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c",
"url": "https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4441",
"url": "https://pkg.go.dev/vuln/GO-2026-4441"
}
],
"release_date": "2026-02-05T17:48:44.693000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/html: Infinite parsing loop in golang.org/x/net"
},
{
"cve": "CVE-2025-61723",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:29.304260+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407252"
}
],
"notes": [
{
"category": "description",
"text": "A potential denial of service flaw has been discovered in the golang encoding/pem module. Due to the design of the PEM parsing function, the processing time for some\ninputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs and may result in an unresponsive program should an attacker exploit it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61723"
},
{
"category": "external",
"summary": "RHBZ#2407252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407252"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"category": "external",
"summary": "https://github.com/golang/go/commit/5ce8cd16f3859ec5ac4106ad8ec15d6236f4501b",
"url": "https://github.com/golang/go/commit/5ce8cd16f3859ec5ac4106ad8ec15d6236f4501b"
},
{
"category": "external",
"summary": "https://go.dev/cl/709858",
"url": "https://go.dev/cl/709858"
},
{
"category": "external",
"summary": "https://go.dev/issue/75676",
"url": "https://go.dev/issue/75676"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4009",
"url": "https://pkg.go.dev/vuln/GO-2025-4009"
}
],
"release_date": "2025-10-29T22:10:13.220000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem"
},
{
"cve": "CVE-2025-61724",
"cwe": {
"id": "CWE-1046",
"name": "Creation of Immutable Text Using String Concatenation"
},
"discovery_date": "2025-10-29T23:01:47.202663+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407257"
}
],
"notes": [
{
"category": "description",
"text": "The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61724"
},
{
"category": "external",
"summary": "RHBZ#2407257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407257"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"category": "external",
"summary": "https://go.dev/cl/709859",
"url": "https://go.dev/cl/709859"
},
{
"category": "external",
"summary": "https://go.dev/issue/75716",
"url": "https://go.dev/issue/75716"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4015",
"url": "https://pkg.go.dev/vuln/GO-2025-4015"
}
],
"release_date": "2025-10-29T22:10:14.609000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto"
},
{
"cve": "CVE-2025-61725",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:18.805163+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407249"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability has been discovered in the golang net/mail module. The ParseAddress function constructed domain-literal address components through repeated string concatenation which when parsing large domain-literal components, could cause excessive CPU consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: Excessive CPU consumption in ParseAddress in net/mail",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61725"
},
{
"category": "external",
"summary": "RHBZ#2407249",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407249"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"category": "external",
"summary": "https://go.dev/cl/709860",
"url": "https://go.dev/cl/709860"
},
{
"category": "external",
"summary": "https://go.dev/issue/75680",
"url": "https://go.dev/issue/75680"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4006",
"url": "https://pkg.go.dev/vuln/GO-2025-4006"
}
],
"release_date": "2025-10-29T22:10:12.255000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/mail: Excessive CPU consumption in ParseAddress in net/mail"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61727",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2025-12-03T20:01:21.730501+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418677"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/x509 package in the Go standard library. This vulnerability allows a certificate validation bypass via an excluded subdomain constraint in a certificated chain as it does not restrict the usage of wildcard SANs in the leaf certificate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to obtain a leaf certificate with a wildcard SAN (e.g., *.example.com) and the legitimate certificate policy must contain an excluded DNS name constraint (e.g., to prevent issuance for test.example.com), allowing an application using the crypto/x509 package to validate the certificate when it should have been rejected and to be vulnerable to MITM (man-in-the-middle) attacks. Additionally, the attacker does not have full control of what data can be read of modified during the attack. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61727"
},
{
"category": "external",
"summary": "RHBZ#2418677",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418677"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"category": "external",
"summary": "https://go.dev/cl/723900",
"url": "https://go.dev/cl/723900"
},
{
"category": "external",
"summary": "https://go.dev/issue/76442",
"url": "https://go.dev/issue/76442"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4175",
"url": "https://pkg.go.dev/vuln/GO-2025-4175"
}
],
"release_date": "2025-12-03T19:37:15.054000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-61730",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2026-01-28T20:01:36.508659+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434430"
}
],
"notes": [
{
"category": "description",
"text": "A TLS connection handling flaw has been discovered in the golang crypto/tls library. During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosure if a network-local attacker can inject messages during the handshake.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The data leak after exploitation of this vulnerability is minor, data such as Handshake message contents that should have been processed only after switching to a stronger TLS 1.3 encryption level, Protocol state details such as which handshake message was processed when, Timing and ordering information about the TLS 1.3 state.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61730"
},
{
"category": "external",
"summary": "RHBZ#2434430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61730"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"category": "external",
"summary": "https://go.dev/cl/724120",
"url": "https://go.dev/cl/724120"
},
{
"category": "external",
"summary": "https://go.dev/issue/76443",
"url": "https://go.dev/issue/76443"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4340",
"url": "https://pkg.go.dev/vuln/GO-2026-4340"
}
],
"release_date": "2026-01-28T19:30:30.986000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls"
},
{
"cve": "CVE-2025-61731",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2026-01-28T20:01:45.587773+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434433"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the \u0027#cgo pkg-config:\u0027 directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a \u0027--log-file\u0027 argument to the pkg-config command. This vulnerability can lead to arbitrary file write.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is Important rather than Moderate because compiling a malicious Go source file can cause `pkg-config` to create or append data to files at attacker-chosen locations, subject to the permissions of the build user. This can enable unintended filesystem modifications during the build process, which can lead to broken builds, alter tool behavior, and poison caches or artifacts, even without direct code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61731"
},
{
"category": "external",
"summary": "RHBZ#2434433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434433"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61731"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61731",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61731"
},
{
"category": "external",
"summary": "https://go.dev/cl/736711",
"url": "https://go.dev/cl/736711"
},
{
"category": "external",
"summary": "https://go.dev/issue/77100",
"url": "https://go.dev/issue/77100"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4339",
"url": "https://pkg.go.dev/vuln/GO-2026-4339"
}
],
"release_date": "2026-01-28T19:30:30.844000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive"
},
{
"cve": "CVE-2025-61732",
"discovery_date": "2026-02-05T05:00:47.678207+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s \u0027cgo tool\u0027. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then \"smuggled\" into the compiled `cgo` binary. An attacker could exploit this to embed and execute arbitrary code, potentially leading to significant system compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important vulnerability in the `cmd/cgo` component of the Go toolchain. A parsing discrepancy between Go and C/C++ comments could allow for code smuggling into the resulting `cgo` binary. This primarily affects systems where untrusted Go modules utilizing `cgo` are built, impacting Red Hat Enterprise Linux and OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61732"
},
{
"category": "external",
"summary": "RHBZ#2437016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"category": "external",
"summary": "https://go.dev/cl/734220",
"url": "https://go.dev/cl/734220"
},
{
"category": "external",
"summary": "https://go.dev/issue/76697",
"url": "https://go.dev/issue/76697"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4433",
"url": "https://pkg.go.dev/vuln/GO-2026-4433"
}
],
"release_date": "2026-02-05T03:42:26.392000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy"
},
{
"cve": "CVE-2025-68119",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-01-28T20:01:57.098669+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434438"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang\u0027s cmd/go module. This vulnerability allows a local attacker to achieve local code execution by downloading and building modules with specially crafted malicious version strings. On systems with Mercurial (hg) installed, this can occur when downloading modules from non-standard sources due to how external Version Control System (VCS) commands are constructed. Additionally, on systems with Git installed, providing malicious version strings to the toolchain can enable an attacker to write to arbitrary files on the filesystem. This issue is triggered by explicitly supplying these malicious version strings.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cmd/go: cmd/go: Local code execution and arbitrary file write via malicious module version strings",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated Moderate severity by Red Hat Product Security, because exploitation requires non-standard and intentional user behavior. \n\nThe attacker must explicitly supply a specially crafted module version string, which does not occur during normal Go module usage such as @latest or standard module paths, making the attack complexity high. \n\nAdditionally, user interaction is required, as the vulnerable behavior is only triggered when a user manually invokes the Go toolchain to download or build the malicious module.\n \nWhile successful exploitation can result in local code execution or arbitrary file modification, the combination of local access, manual input, and uncommon usage patterns significantly limits the likelihood of exploitation in typical environments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68119"
},
{
"category": "external",
"summary": "RHBZ#2434438",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434438"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68119"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"category": "external",
"summary": "https://go.dev/cl/736710",
"url": "https://go.dev/cl/736710"
},
{
"category": "external",
"summary": "https://go.dev/issue/77099",
"url": "https://go.dev/issue/77099"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4338",
"url": "https://pkg.go.dev/vuln/GO-2026-4338"
}
],
"release_date": "2026-01-28T19:30:30.704000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u0027s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cmd/go: cmd/go: Local code execution and arbitrary file write via malicious module version strings"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-27139",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-06T22:01:08.670782+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445335"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the golang `os` module. On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the filesystem without permitting reading or writing files outside the root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "os: FileInfo can escape from a Root in golang os module",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27139"
},
{
"category": "external",
"summary": "RHBZ#2445335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445335"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27139",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27139"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"category": "external",
"summary": "https://go.dev/cl/749480",
"url": "https://go.dev/cl/749480"
},
{
"category": "external",
"summary": "https://go.dev/issue/77827",
"url": "https://go.dev/issue/77827"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4602",
"url": "https://pkg.go.dev/vuln/GO-2026-4602"
}
],
"release_date": "2026-03-06T21:28:14.451000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "os: FileInfo can escape from a Root in golang os module"
},
{
"cve": "CVE-2026-27141",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-02-26T20:09:11.626155+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2443104"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/http2. A remote attacker can exploit this vulnerability by sending specially crafted HTTP/2 frames, which are data packets used in the HTTP/2 protocol. Due to a missing check for null values, processing these specific frames (types 0x0a through 0x0f) can cause the server to crash. This leads to a Denial of Service (DoS) condition, making the affected server unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/http2: golang.org/x/net/http2: Denial of Service due to malformed HTTP/2 frames",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27141"
},
{
"category": "external",
"summary": "RHBZ#2443104",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443104"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27141"
},
{
"category": "external",
"summary": "https://go.dev/cl/746180",
"url": "https://go.dev/cl/746180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77652",
"url": "https://go.dev/issue/77652"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4559",
"url": "https://pkg.go.dev/vuln/GO-2026-4559"
}
],
"release_date": "2026-02-26T18:50:31.830000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/http2: golang.org/x/net/http2: Denial of Service due to malformed HTTP/2 frames"
},
{
"cve": "CVE-2026-27143",
"cwe": {
"id": "CWE-733",
"name": "Compiler Optimization Removal or Modification of Security-critical Code"
},
"discovery_date": "2026-04-08T02:01:29.491546+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456342"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially leading to memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/compile: possible memory corruption after bound check elimination",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is only exploitable in applications that contain a loop structure that relies on an induction variable. An induction variable is a variable that gets modified, usually incremented or decremented, by a predictable amount on each iteration. Inside the loop, the induction variable must be directly used as the index to access or modify elements within an array or a slice. Additionally, an attacker must be able to cause an integer overflow or underflow in the induction variable to trigger this issue. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27143"
},
{
"category": "external",
"summary": "RHBZ#2456342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143"
},
{
"category": "external",
"summary": "https://go.dev/cl/763765",
"url": "https://go.dev/cl/763765"
},
{
"category": "external",
"summary": "https://go.dev/issue/78333",
"url": "https://go.dev/issue/78333"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4868",
"url": "https://pkg.go.dev/vuln/GO-2026-4868"
}
],
"release_date": "2026-04-08T01:06:57.168000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, strictly sanitize and enforce bounds checking on any untrusted user input that influences loop counters, iteration limits, or memory indices. If there is no integer overflow or underflow, the out-of-bounds access cannot occur.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/compile: possible memory corruption after bound check elimination"
},
{
"cve": "CVE-2026-27144",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2026-04-08T02:01:22.896153+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data corruption, memory corruption or unexpected application behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/compile: no-op interface conversion bypasses overlap checking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable in applications that contain a memory move or copy operation that is subject to a no-op (no-operation) interface conversion. Furthermore, the source and destination memory addresses involved in the move or copy must overlap and an attacker must be able to supply an input that triggers this specific operation. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27144"
},
{
"category": "external",
"summary": "RHBZ#2456340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27144"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144"
},
{
"category": "external",
"summary": "https://go.dev/cl/763764",
"url": "https://go.dev/cl/763764"
},
{
"category": "external",
"summary": "https://go.dev/issue/78371",
"url": "https://go.dev/issue/78371"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4867",
"url": "https://pkg.go.dev/vuln/GO-2026-4867"
}
],
"release_date": "2026-04-08T01:06:56.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "To mitigate this issue, review code that performs memory copies or struct assignments. If data is being passed through an interface (such as \u0027any\u0027 or \u0027interface{}\u0027) just before a move operation, refactor the code to use concrete types or explicit pointers instead.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/compile: no-op interface conversion bypasses overlap checking"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
},
{
"cve": "CVE-2026-32288",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:00:57.624222+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456332"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `archive/tar` package. A remote attacker could exploit this vulnerability by providing a maliciously-crafted archive file. When the `tar.Reader` processes an archive containing a large number of sparse regions in the \"old GNU sparse map\" format, it can lead to unbounded memory allocation. This can result in a Denial of Service (DoS) condition, making the affected application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "archive/tar: golang: Go\u0027s archive/tar package: Denial of Service via maliciously-crafted archive",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32288"
},
{
"category": "external",
"summary": "RHBZ#2456332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456332"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32288",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32288"
},
{
"category": "external",
"summary": "https://go.dev/cl/763766",
"url": "https://go.dev/cl/763766"
},
{
"category": "external",
"summary": "https://go.dev/issue/78301",
"url": "https://go.dev/issue/78301"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4869",
"url": "https://pkg.go.dev/vuln/GO-2026-4869"
}
],
"release_date": "2026-04-08T01:06:57.416000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "archive/tar: golang: Go\u0027s archive/tar package: Denial of Service via maliciously-crafted archive"
},
{
"cve": "CVE-2026-32289",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-04-08T02:01:05.911683+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456334"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `html/template` package. This vulnerability arises from improper tracking of context and brace depth within JavaScript (JS) template literals. A remote attacker could exploit these issues to cause content to be incorrectly or improperly escaped, leading to Cross-Site Scripting (XSS) vulnerabilities. This could allow an attacker to inject malicious scripts into web pages viewed by other users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32289"
},
{
"category": "external",
"summary": "RHBZ#2456334",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456334"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32289",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32289"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"category": "external",
"summary": "https://go.dev/cl/763762",
"url": "https://go.dev/cl/763762"
},
{
"category": "external",
"summary": "https://go.dev/issue/78331",
"url": "https://go.dev/issue/78331"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4865",
"url": "https://pkg.go.dev/vuln/GO-2026-4865"
}
],
"release_date": "2026-04-08T01:06:56.297000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals"
},
{
"cve": "CVE-2026-33809",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-25T19:01:55.384019+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451437"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/image/tiff. A remote attacker could exploit this vulnerability by providing a maliciously crafted Tagged Image File Format (TIFF) file. This could cause the image decoding process to attempt to allocate up to 4 gigabytes (GiB) of memory. The excessive resource consumption or an out-of-memory error would lead to a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: golang.org/x/image/tiff: golang.org/x/image/tiff: Denial of Service via maliciously crafted TIFF file",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33809"
},
{
"category": "external",
"summary": "RHBZ#2451437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451437"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33809",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33809"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33809",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33809"
},
{
"category": "external",
"summary": "https://go.dev/cl/757660",
"url": "https://go.dev/cl/757660"
},
{
"category": "external",
"summary": "https://go.dev/issue/78267",
"url": "https://go.dev/issue/78267"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4815",
"url": "https://pkg.go.dev/vuln/GO-2026-4815"
}
],
"release_date": "2026-03-25T18:24:04.222000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: golang.org/x/image/tiff: golang.org/x/image/tiff: Denial of Service via maliciously crafted TIFF file"
},
{
"cve": "CVE-2026-33813",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-04-21T20:01:02.224363+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460221"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33813"
},
{
"category": "external",
"summary": "RHBZ#2460221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33813",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813"
},
{
"category": "external",
"summary": "https://go.dev/cl/759860",
"url": "https://go.dev/cl/759860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78407",
"url": "https://go.dev/issue/78407"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4961",
"url": "https://pkg.go.dev/vuln/GO-2026-4961"
}
],
"release_date": "2026-04-21T19:21:27.644000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-10T14:24:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-25-main@aarch64",
"Red Hat Hardened Images:golang1-25-main@noarch",
"Red Hat Hardened Images:golang1-25-main@src",
"Red Hat Hardened Images:golang1-25-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing"
}
]
}
RHSA-2026:8291
Vulnerability from csaf_redhat - Published: 2026-04-15 10:20 - Updated: 2026-07-01 19:41A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Hardened Images:golang1-26-main@aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-26-main@noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-26-main@src | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Hardened Images:golang1-26-main@x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Hardened Images RPMs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "This update includes the following RPMs:\n\ngolang1.26:\n * golang1.26-1.26.2-1.1.hum1 (aarch64, x86_64)\n * golang1.26-bin-1.26.2-1.1.hum1 (aarch64, x86_64)\n * golang1.26-docs-1.26.2-1.1.hum1 (noarch)\n * golang1.26-misc-1.26.2-1.1.hum1 (noarch)\n * golang1.26-shared-1.26.2-1.1.hum1 (aarch64, x86_64)\n * golang1.26-src-1.26.2-1.1.hum1 (noarch)\n * golang1.26-tests-1.26.2-1.1.hum1 (noarch)\n * golang1.26-1.26.2-1.1.hum1.src (src)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:8291",
"url": "https://access.redhat.com/errata/RHSA-2026:8291"
},
{
"category": "external",
"summary": "https://images.redhat.com/",
"url": "https://images.redhat.com/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33813",
"url": "https://access.redhat.com/security/cve/CVE-2026-33813"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42503",
"url": "https://access.redhat.com/security/cve/CVE-2026-42503"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_8291.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-07-01T19:41:35+00:00",
"generator": {
"date": "2026-07-01T19:41:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:8291",
"initial_release_date": "2026-04-15T10:20:34+00:00",
"revision_history": [
{
"date": "2026-04-15T10:20:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-07T03:11:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T19:41:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Hardened Images",
"product": {
"name": "Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:hummingbird:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Hardened Images"
},
{
"branches": [
{
"category": "product_version",
"name": "golang1-26-main@aarch64",
"product": {
"name": "golang1-26-main@aarch64",
"product_id": "golang1-26-main@aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang1.26@1.26.2-1.1.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang1-26-main@src",
"product": {
"name": "golang1-26-main@src",
"product_id": "golang1-26-main@src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang1.26@1.26.2-1.1.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang1-26-main@x86_64",
"product": {
"name": "golang1-26-main@x86_64",
"product_id": "golang1-26-main@x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang1.26@1.26.2-1.1.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang1-26-main@noarch",
"product": {
"name": "golang1-26-main@noarch",
"product_id": "golang1-26-main@noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang1.26-docs@1.26.2-1.1.hum1?arch=noarch\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang1-26-main@aarch64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:golang1-26-main@aarch64"
},
"product_reference": "golang1-26-main@aarch64",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang1-26-main@noarch as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:golang1-26-main@noarch"
},
"product_reference": "golang1-26-main@noarch",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang1-26-main@src as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:golang1-26-main@src"
},
"product_reference": "golang1-26-main@src",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang1-26-main@x86_64 as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:golang1-26-main@x86_64"
},
"product_reference": "golang1-26-main@x86_64",
"relates_to_product_reference": "Red Hat Hardened Images"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33813",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-04-21T20:01:02.224363+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460221"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:golang1-26-main@aarch64",
"Red Hat Hardened Images:golang1-26-main@noarch",
"Red Hat Hardened Images:golang1-26-main@src",
"Red Hat Hardened Images:golang1-26-main@x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33813"
},
{
"category": "external",
"summary": "RHBZ#2460221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33813",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813"
},
{
"category": "external",
"summary": "https://go.dev/cl/759860",
"url": "https://go.dev/cl/759860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78407",
"url": "https://go.dev/issue/78407"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4961",
"url": "https://pkg.go.dev/vuln/GO-2026-4961"
}
],
"release_date": "2026-04-21T19:21:27.644000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-15T10:20:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:golang1-26-main@aarch64",
"Red Hat Hardened Images:golang1-26-main@noarch",
"Red Hat Hardened Images:golang1-26-main@src",
"Red Hat Hardened Images:golang1-26-main@x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8291"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:golang1-26-main@aarch64",
"Red Hat Hardened Images:golang1-26-main@noarch",
"Red Hat Hardened Images:golang1-26-main@src",
"Red Hat Hardened Images:golang1-26-main@x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing"
}
]
}
WID-SEC-W-2026-1328
Vulnerability from csaf_certbund - Published: 2026-05-03 22:00 - Updated: 2026-06-08 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Multicluster Global Hub <1.5.4
Red Hat / Enterprise Linux
|
Multicluster Global Hub <1.5.4 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Red Hat Enterprise Linux Hardened Images RPMs
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:hardened_images_rpms
|
Hardened Images RPMs | |
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
HCL BigFix WebUI
HCL / BigFix
|
cpe:/a:hcltech:bigfix:webui
|
WebUI | |
|
IBM Storage Scale <6.0.1.0
IBM / Storage Scale
|
<6.0.1.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
IBM Storage Scale <5.2.3.8
IBM / Storage Scale
|
<5.2.3.8 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Multicluster Global Hub <1.5.4
Red Hat / Enterprise Linux
|
Multicluster Global Hub <1.5.4 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Red Hat Enterprise Linux Hardened Images RPMs
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:hardened_images_rpms
|
Hardened Images RPMs | |
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
HCL BigFix WebUI
HCL / BigFix
|
cpe:/a:hcltech:bigfix:webui
|
WebUI | |
|
IBM Storage Scale <6.0.1.0
IBM / Storage Scale
|
<6.0.1.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
IBM Storage Scale <5.2.3.8
IBM / Storage Scale
|
<5.2.3.8 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Multicluster Global Hub <1.5.4
Red Hat / Enterprise Linux
|
Multicluster Global Hub <1.5.4 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Red Hat Enterprise Linux Hardened Images RPMs
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:hardened_images_rpms
|
Hardened Images RPMs | |
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
HCL BigFix WebUI
HCL / BigFix
|
cpe:/a:hcltech:bigfix:webui
|
WebUI | |
|
IBM Storage Scale <6.0.1.0
IBM / Storage Scale
|
<6.0.1.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
IBM Storage Scale <5.2.3.8
IBM / Storage Scale
|
<5.2.3.8 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Multicluster Global Hub <1.5.4
Red Hat / Enterprise Linux
|
Multicluster Global Hub <1.5.4 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Red Hat Enterprise Linux Hardened Images RPMs
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:hardened_images_rpms
|
Hardened Images RPMs | |
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
HCL BigFix WebUI
HCL / BigFix
|
cpe:/a:hcltech:bigfix:webui
|
WebUI | |
|
IBM Storage Scale <6.0.1.0
IBM / Storage Scale
|
<6.0.1.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
IBM Storage Scale <5.2.3.8
IBM / Storage Scale
|
<5.2.3.8 |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Red Hat Hardened Images RPMs ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder Daten zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1328 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1328.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1328 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1328"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:12430 vom 2026-05-03",
"url": "https://access.redhat.com/errata/RHSA-2026:12430"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:12682 vom 2026-05-03",
"url": "https://access.redhat.com/errata/RHSA-2026:12682"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7655 vom 2026-05-03",
"url": "https://access.redhat.com/errata/RHSA-2026:7655"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:8291 vom 2026-05-03",
"url": "https://access.redhat.com/errata/RHSA-2026:8291"
},
{
"category": "external",
"summary": "NIST CVE-2026-33813 vom 2026-05-03",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7378 vom 2026-05-04",
"url": "https://access.redhat.com/errata/RHSA-2026:7378"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2026-C66EAAE759 vom 2026-05-06",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-c66eaae759"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10682-1 vom 2026-05-06",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XLRSQ4ZEPLCSV4ZOWTAQ6SMT4FCRCX66/"
},
{
"category": "external",
"summary": "HCL Security Bulletin",
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0130587"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2026-8DF732BE8A vom 2026-05-11",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-8df732be8a"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7273145 vom 2026-05-15",
"url": "https://www.ibm.com/support/pages/node/7273145"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:21769 vom 2026-05-28",
"url": "https://access.redhat.com/errata/RHSA-2026:21769"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7274746 vom 2026-06-01",
"url": "https://www.ibm.com/support/pages/node/7274746"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:22347 vom 2026-06-02",
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7275270 vom 2026-06-05",
"url": "https://www.ibm.com/support/pages/node/7275270"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:24503 vom 2026-06-08",
"url": "https://access.redhat.com/errata/RHSA-2026:24503"
}
],
"source_lang": "en-US",
"title": "Red Hat Hardened Images RPMs: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-08T22:00:00.000+00:00",
"generator": {
"date": "2026-06-09T09:02:19.018+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1328",
"initial_release_date": "2026-05-03T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-05-03T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-05-05T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2026-05-06T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-05-10T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von HCL aufgenommen"
},
{
"date": "2026-05-11T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2026-05-17T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-05-28T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-06-01T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von IBM und Red Hat aufgenommen"
},
{
"date": "2026-06-07T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-06-08T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "10"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "WebUI",
"product": {
"name": "HCL BigFix WebUI",
"product_id": "T036098",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:bigfix:webui"
}
}
}
],
"category": "product_name",
"name": "BigFix"
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM MQ",
"product": {
"name": "IBM MQ",
"product_id": "T021398",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:-"
}
}
},
{
"category": "product_name",
"name": "IBM QRadar SIEM",
"product": {
"name": "IBM QRadar SIEM",
"product_id": "T021415",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.2.3.8",
"product": {
"name": "IBM Storage Scale \u003c5.2.3.8",
"product_id": "T055027"
}
},
{
"category": "product_version",
"name": "5.2.3.8",
"product": {
"name": "IBM Storage Scale 5.2.3.8",
"product_id": "T055027-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:5.2.3.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.0.1.0",
"product": {
"name": "IBM Storage Scale \u003c6.0.1.0",
"product_id": "T055028"
}
},
{
"category": "product_version",
"name": "6.0.1.0",
"product": {
"name": "IBM Storage Scale 6.0.1.0",
"product_id": "T055028-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:6.0.1.0"
}
}
}
],
"category": "product_name",
"name": "Storage Scale"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "Hardened Images RPMs",
"product": {
"name": "Red Hat Enterprise Linux Hardened Images RPMs",
"product_id": "T053469",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:hardened_images_rpms"
}
}
},
{
"category": "product_version_range",
"name": "Multicluster Global Hub \u003c1.5.4",
"product": {
"name": "Red Hat Enterprise Linux Multicluster Global Hub \u003c1.5.4",
"product_id": "T054839"
}
},
{
"category": "product_version",
"name": "Multicluster Global Hub 1.5.4",
"product": {
"name": "Red Hat Enterprise Linux Multicluster Global Hub 1.5.4",
"product_id": "T054839-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:multicluster_global_hub__1.5.4"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-2625",
"product_status": {
"known_affected": [
"T054839",
"67646",
"T021415",
"T027843",
"T053469",
"T021398",
"T036098",
"T055028",
"74185",
"T055027"
]
},
"release_date": "2026-05-03T22:00:00.000+00:00",
"title": "CVE-2026-2625"
},
{
"cve": "CVE-2026-2950",
"product_status": {
"known_affected": [
"T054839",
"67646",
"T021415",
"T027843",
"T053469",
"T021398",
"T036098",
"T055028",
"74185",
"T055027"
]
},
"release_date": "2026-05-03T22:00:00.000+00:00",
"title": "CVE-2026-2950"
},
{
"cve": "CVE-2026-33813",
"product_status": {
"known_affected": [
"T054839",
"67646",
"T021415",
"T027843",
"T053469",
"T021398",
"T036098",
"T055028",
"74185",
"T055027"
]
},
"release_date": "2026-05-03T22:00:00.000+00:00",
"title": "CVE-2026-33813"
},
{
"cve": "CVE-2026-42371",
"product_status": {
"known_affected": [
"T054839",
"67646",
"T021415",
"T027843",
"T053469",
"T021398",
"T036098",
"T055028",
"74185",
"T055027"
]
},
"release_date": "2026-05-03T22:00:00.000+00:00",
"title": "CVE-2026-42371"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.