Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-39820 (GCVE-0-2026-39820)
Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-07-06 12:04| URL | Tags |
|---|---|
| https://go.dev/issue/78566 | |
| https://go.dev/cl/759940 | |
| https://groups.google.com/g/golang-announce/c/qcC… | |
| https://pkg.go.dev/vuln/GO-2026-4986 | |
| https://access.redhat.com/security/cve/CVE-2026-39820 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467820 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:34364 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33574 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33120 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33123 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33142 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33150 | vendor-advisoryx_refsource_REDHAT |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-39820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-08T14:27:51.595266Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-08T14:27:54.923Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:logging:6.4::el9"
],
"defaultStatus": "affected",
"product": "Logging Subsystem for Red Hat OpenShift 6.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhdh:1.9::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Developer Hub 1.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:assisted_installer:2"
],
"defaultStatus": "affected",
"product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cert_manager:1"
],
"defaultStatus": "affected",
"product": "cert-manager Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1"
],
"defaultStatus": "affected",
"product": "Confidential Compute Attestation",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cryostat:4"
],
"defaultStatus": "affected",
"product": "Cryostat 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
],
"defaultStatus": "affected",
"product": "Custom Metric Autoscaler operator for Red Hat Openshift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:external_secrets_operator:1"
],
"defaultStatus": "affected",
"product": "External Secrets Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_file_integrity_operator:1"
],
"defaultStatus": "affected",
"product": "File Integrity Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:lvms:4"
],
"defaultStatus": "affected",
"product": "Logical Volume Manager Storage",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:migration_toolkit_applications:8"
],
"defaultStatus": "affected",
"product": "Migration Toolkit for Applications 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhmt:1"
],
"defaultStatus": "affected",
"product": "Migration Toolkit for Containers",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multiarch_tuning_operator"
],
"defaultStatus": "affected",
"product": "Multiarch Tuning Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:network_observ_optr:1"
],
"defaultStatus": "affected",
"product": "Network Observability Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1"
],
"defaultStatus": "affected",
"product": "OpenShift API for Data Protection",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ocp_tools"
],
"defaultStatus": "affected",
"product": "OpenShift Developer Tools and Services",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "affected",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "affected",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_power_monitoring"
],
"defaultStatus": "affected",
"product": "Power monitoring for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ceph_storage:5"
],
"defaultStatus": "affected",
"product": "Red Hat Ceph Storage 5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ceph_storage:6"
],
"defaultStatus": "affected",
"product": "Red Hat Ceph Storage 6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ceph_storage:9"
],
"defaultStatus": "affected",
"product": "Red Hat Ceph Storage 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:certifications:9"
],
"defaultStatus": "affected",
"product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux_ai:3"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "affected",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_cluster_manager_cli:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Cluster Manager CLI",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4"
],
"defaultStatus": "affected",
"product": "Red Hat Openshift Data Foundation 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:devworkspace"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Workspaces Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift distributed tracing 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:windows_machine_config"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift for Windows Containers",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:18.0"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Platform 18.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_interconnect:1"
],
"defaultStatus": "affected",
"product": "Red Hat Service Interconnect 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_interconnect:2"
],
"defaultStatus": "affected",
"product": "Red Hat Service Interconnect 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "affected",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_security_profiles_operator:1"
],
"defaultStatus": "affected",
"product": "Security Profiles Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:1"
],
"defaultStatus": "affected",
"product": "Zero Trust Workload Identity Manager",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:0"
],
"defaultStatus": "affected",
"product": "Zero Trust Workload Identity Manager - Tech Preview",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:17.1"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:gatekeeper:3"
],
"defaultStatus": "unknown",
"product": "Gatekeeper 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub"
],
"defaultStatus": "unknown",
"product": "Multicluster Global Hub",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unknown",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:edge_manager:1"
],
"defaultStatus": "unknown",
"product": "Red Hat Edge Manager 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:lightspeed_for_runtimes:1"
],
"defaultStatus": "unknown",
"product": "Red Hat Lightspeed for Runtimes Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "unknown",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
}
],
"datePublic": "2026-05-07T19:41:19.854Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-606",
"description": "Unchecked Input for Loop Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-06T12:04:51.734Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"name": "RHBZ#2467820",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39820.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33120"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33123"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33142"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33150"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:34364: Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"lang": "en",
"value": "RHSA-2026:33574: Red Hat Developer Hub 1.9"
},
{
"lang": "en",
"value": "RHSA-2026:33120: Red Hat OpenShift Service Mesh 3.0"
},
{
"lang": "en",
"value": "RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-07T20:01:27.800Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-05-07T19:41:19.854Z",
"value": "Made public."
}
],
"title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "net/mail",
"product": "net/mail",
"programRoutines": [
{
"name": "addrParser.consumeComment"
},
{
"name": "AddressParser.Parse"
},
{
"name": "AddressParser.ParseList"
},
{
"name": "Header.AddressList"
},
{
"name": "Header.Date"
},
{
"name": "ParseAddress"
},
{
"name": "ParseAddressList"
},
{
"name": "ParseDate"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.25.10",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.26.3",
"status": "affected",
"version": "1.26.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "thatnealpatel"
}
],
"descriptions": [
{
"lang": "en",
"value": "Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-407: Inefficient Algorithmic Complexity",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T19:41:19.854Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/issue/78566"
},
{
"url": "https://go.dev/cl/759940"
},
{
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4986"
}
],
"title": "Quadratic string concatentation in consumeComment in net/mail"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-39820",
"datePublished": "2026-05-07T19:41:19.854Z",
"dateReserved": "2026-04-07T18:13:03.526Z",
"dateUpdated": "2026-07-06T12:04:51.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-39820",
"date": "2026-07-07",
"epss": "0.00784",
"percentile": "0.51616"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-39820\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2026-05-07T20:16:43.187\",\"lastModified\":\"2026-07-02T12:17:11.933\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"Go standard library\",\"product\":\"net/mail\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"net/mail\",\"programRoutines\":[{\"name\":\"addrParser.consumeComment\"},{\"name\":\"AddressParser.Parse\"},{\"name\":\"AddressParser.ParseList\"},{\"name\":\"Header.AddressList\"},{\"name\":\"Header.Date\"},{\"name\":\"ParseAddress\"},{\"name\":\"ParseAddressList\"},{\"name\":\"ParseDate\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"1.25.10\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.26.0-0\",\"lessThan\":\"1.26.3\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift 6.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:6.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Developer Hub 1.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhdh:1.9::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Assisted Installer for Red Hat OpenShift Container Platform 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:assisted_installer:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"cert-manager Operator for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cert_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Confidential Compute Attestation\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:confidential_compute_attestation:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Custom Metric Autoscaler operator for Red Hat Openshift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"External Secrets Operator for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:external_secrets_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"File Integrity Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_file_integrity_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logical Volume Manager Storage\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:lvms:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Migration Toolkit for Applications 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:migration_toolkit_applications:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Migration Toolkit for Containers\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhmt:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multiarch Tuning Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multiarch_tuning_operator\"]},{\"vendor\":\"Red Hat\",\"product\":\"Network Observability Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:network_observ_optr:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift API for Data Protection\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_api_data_protection:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Developer Tools and Services\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ocp_tools\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Lightspeed\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_lightspeed\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Pipelines\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_pipelines:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Serverless\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:serverless:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Service Mesh 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Service Mesh 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Power monitoring for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_power_monitoring\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:5\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Certification Program for Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:certifications:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AI (RHEL AI) 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_ai:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Hardened Images\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:hummingbird:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Cluster Manager CLI\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_cluster_manager_cli:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Workspaces Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:devworkspace\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift distributed tracing 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_distributed_tracing:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift for Windows Containers\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:windows_machine_config\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift GitOps\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_gitops:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Virtualization 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:container_native_virtualization:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 18.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openstack:18.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Service Interconnect 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_interconnect:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Service Interconnect 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_interconnect:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Trusted Artifact Signer\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:trusted_artifact_signer:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Security Profiles Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_security_profiles_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager - Tech Preview\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 16.2\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openstack:16.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 17.1\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openstack:17.1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Gatekeeper 3\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:gatekeeper:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Engine for Kubernetes\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:acm:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Edge Manager 1\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Lightspeed for Runtimes Operator\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:lightspeed_for_runtimes:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:/a:redhat:satellite:6\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-05-08T14:27:51.595266Z\",\"id\":\"CVE-2026-39820\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-606\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.25.10\",\"matchCriteriaId\":\"1C966EF3-C51C-4239-B5FC-C44A5202FEC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.26.0\",\"versionEndExcluding\":\"1.26.3\",\"matchCriteriaId\":\"522E4CD0-2B99-4363-9C78-0BAFD988A2D6\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/759940\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/78566\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/qcCIEXso47M\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2026-4986\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33120\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33123\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33142\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33150\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33574\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:34364\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-39820\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2467820\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39820.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"net/mail: golang: Go net/mail: Denial of Service via crafted email inputs\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:logging:6.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Logging Subsystem for Red Hat OpenShift 6.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhdh:1.9::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Developer Hub 1.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:assisted_installer:2\"], \"vendor\": \"Red Hat\", \"product\": \"Assisted Installer for Red Hat OpenShift Container Platform 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cert_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"cert-manager Operator for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:confidential_compute_attestation:1\"], \"vendor\": \"Red Hat\", \"product\": \"Confidential Compute Attestation\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cryostat:4\"], \"vendor\": \"Red Hat\", \"product\": \"Cryostat 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2\"], \"vendor\": \"Red Hat\", \"product\": \"Custom Metric Autoscaler operator for Red Hat Openshift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:external_secrets_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"External Secrets Operator for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_file_integrity_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"File Integrity Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:lvms:4\"], \"vendor\": \"Red Hat\", \"product\": \"Logical Volume Manager Storage\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:migration_toolkit_applications:8\"], \"vendor\": \"Red Hat\", \"product\": \"Migration Toolkit for Applications 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhmt:1\"], \"vendor\": \"Red Hat\", \"product\": \"Migration Toolkit for Containers\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multiarch_tuning_operator\"], \"vendor\": \"Red Hat\", \"product\": \"Multiarch Tuning Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:network_observ_optr:1\"], \"vendor\": \"Red Hat\", \"product\": \"Network Observability Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_api_data_protection:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift API for Data Protection\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ocp_tools\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Developer Tools and Services\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_lightspeed\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Lightspeed\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:2\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_power_monitoring\"], \"vendor\": \"Red Hat\", \"product\": \"Power monitoring for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:5\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:certifications:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Certification Program for Red Hat Enterprise Linux 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI) 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:hummingbird:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Hardened Images\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_cluster_manager_cli:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Cluster Manager CLI\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_devspaces:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Spaces\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:devworkspace\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Workspaces Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:windows_machine_config\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift for Windows Containers\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_gitops:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift GitOps\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Virtualization 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:18.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 18.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Service Interconnect 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Service Interconnect 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_security_profiles_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"Security Profiles Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:zero_trust_workload_identity_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"Zero Trust Workload Identity Manager\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:zero_trust_workload_identity_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Zero Trust Workload Identity Manager - Tech Preview\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:16.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 16.2\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:17.1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 17.1\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:gatekeeper:3\"], \"vendor\": \"Red Hat\", \"product\": \"Gatekeeper 3\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Engine for Kubernetes\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager 1\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:lightspeed_for_runtimes:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Lightspeed for Runtimes Operator\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6\", \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-07T20:01:27.800Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-05-07T19:41:19.854Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:34364: Logging Subsystem for Red Hat OpenShift 6.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33574: Red Hat Developer Hub 1.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33120: Red Hat OpenShift Service Mesh 3.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-05-07T19:41:19.854Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-39820\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2467820\", \"name\": \"RHBZ#2467820\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39820.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:34364\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33574\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33120\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33123\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33142\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33150\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-606\", \"description\": \"Unchecked Input for Loop Condition\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-06T12:04:51.734Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-39820\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-08T14:27:51.595266Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-08T14:27:47.966Z\"}}], \"cna\": {\"title\": \"Quadratic string concatentation in consumeComment in net/mail\", \"credits\": [{\"lang\": \"en\", \"value\": \"thatnealpatel\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"net/mail\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.25.10\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.26.0-0\", \"lessThan\": \"1.26.3\", \"versionType\": \"semver\"}], \"packageName\": \"net/mail\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"addrParser.consumeComment\"}, {\"name\": \"AddressParser.Parse\"}, {\"name\": \"AddressParser.ParseList\"}, {\"name\": \"Header.AddressList\"}, {\"name\": \"Header.Date\"}, {\"name\": \"ParseAddress\"}, {\"name\": \"ParseAddressList\"}, {\"name\": \"ParseDate\"}]}], \"references\": [{\"url\": \"https://go.dev/issue/78566\"}, {\"url\": \"https://go.dev/cl/759940\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/qcCIEXso47M\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2026-4986\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-407: Inefficient Algorithmic Complexity\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2026-05-07T19:41:19.854Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-39820\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-06T12:04:51.734Z\", \"dateReserved\": \"2026-04-07T18:13:03.526Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2026-05-07T19:41:19.854Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
OPENSUSE-SU-2026:10723-1
Vulnerability from csaf_opensuse - Published: 2026-05-08 00:00 - Updated: 2026-05-08 00:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go1.25-1.25.10-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go1.25-1.25.10-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10723",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10723-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33811 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39817 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39819 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39820 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39823 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39825 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39826 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39836 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42499 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42501 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42501/"
}
],
"title": "go1.25-1.25.10-1.1 on GA media",
"tracking": {
"current_release_date": "2026-05-08T00:00:00Z",
"generator": {
"date": "2026-05-08T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10723-1",
"initial_release_date": "2026-05-08T00:00:00Z",
"revision_history": [
{
"date": "2026-05-08T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.10-1.1.aarch64",
"product": {
"name": "go1.25-1.25.10-1.1.aarch64",
"product_id": "go1.25-1.25.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.10-1.1.aarch64",
"product": {
"name": "go1.25-doc-1.25.10-1.1.aarch64",
"product_id": "go1.25-doc-1.25.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.10-1.1.aarch64",
"product": {
"name": "go1.25-libstd-1.25.10-1.1.aarch64",
"product_id": "go1.25-libstd-1.25.10-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.10-1.1.aarch64",
"product": {
"name": "go1.25-race-1.25.10-1.1.aarch64",
"product_id": "go1.25-race-1.25.10-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.10-1.1.ppc64le",
"product": {
"name": "go1.25-1.25.10-1.1.ppc64le",
"product_id": "go1.25-1.25.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.10-1.1.ppc64le",
"product": {
"name": "go1.25-doc-1.25.10-1.1.ppc64le",
"product_id": "go1.25-doc-1.25.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.10-1.1.ppc64le",
"product": {
"name": "go1.25-libstd-1.25.10-1.1.ppc64le",
"product_id": "go1.25-libstd-1.25.10-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.10-1.1.ppc64le",
"product": {
"name": "go1.25-race-1.25.10-1.1.ppc64le",
"product_id": "go1.25-race-1.25.10-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.10-1.1.s390x",
"product": {
"name": "go1.25-1.25.10-1.1.s390x",
"product_id": "go1.25-1.25.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.10-1.1.s390x",
"product": {
"name": "go1.25-doc-1.25.10-1.1.s390x",
"product_id": "go1.25-doc-1.25.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.10-1.1.s390x",
"product": {
"name": "go1.25-libstd-1.25.10-1.1.s390x",
"product_id": "go1.25-libstd-1.25.10-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.10-1.1.s390x",
"product": {
"name": "go1.25-race-1.25.10-1.1.s390x",
"product_id": "go1.25-race-1.25.10-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.10-1.1.x86_64",
"product": {
"name": "go1.25-1.25.10-1.1.x86_64",
"product_id": "go1.25-1.25.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.10-1.1.x86_64",
"product": {
"name": "go1.25-doc-1.25.10-1.1.x86_64",
"product_id": "go1.25-doc-1.25.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.10-1.1.x86_64",
"product": {
"name": "go1.25-libstd-1.25.10-1.1.x86_64",
"product_id": "go1.25-libstd-1.25.10-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.10-1.1.x86_64",
"product": {
"name": "go1.25-race-1.25.10-1.1.x86_64",
"product_id": "go1.25-race-1.25.10-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64"
},
"product_reference": "go1.25-1.25.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le"
},
"product_reference": "go1.25-1.25.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x"
},
"product_reference": "go1.25-1.25.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64"
},
"product_reference": "go1.25-1.25.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x"
},
"product_reference": "go1.25-doc-1.25.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64"
},
"product_reference": "go1.25-libstd-1.25.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le"
},
"product_reference": "go1.25-libstd-1.25.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x"
},
"product_reference": "go1.25-libstd-1.25.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64"
},
"product_reference": "go1.25-libstd-1.25.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.10-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64"
},
"product_reference": "go1.25-race-1.25.10-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.10-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.10-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.10-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x"
},
"product_reference": "go1.25-race-1.25.10-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.10-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
},
"product_reference": "go1.25-race-1.25.10-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33811"
}
],
"notes": [
{
"category": "general",
"text": "When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33811",
"url": "https://www.suse.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "SUSE Bug 1264508 for CVE-2026-33811",
"url": "https://bugzilla.suse.com/1264508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33811"
},
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-39817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39817"
}
],
"notes": [
{
"category": "general",
"text": "The \"go tool pack\" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the \"pack\" subcommand can write files to arbitrary locations on the filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39817",
"url": "https://www.suse.com/security/cve/CVE-2026-39817"
},
{
"category": "external",
"summary": "SUSE Bug 1264505 for CVE-2026-39817",
"url": "https://bugzilla.suse.com/1264505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-39817"
},
{
"cve": "CVE-2026-39819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39819"
}
],
"notes": [
{
"category": "general",
"text": "The \"go bug\" command writes to two files with predictable names in the system temporary directory (for example, \"/tmp\"). An attacker with access to the temporary directory can create a symlink in one of these names, causing \"go bug\" to overwrite the target of the symlink.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39819",
"url": "https://www.suse.com/security/cve/CVE-2026-39819"
},
{
"category": "external",
"summary": "SUSE Bug 1264504 for CVE-2026-39819",
"url": "https://bugzilla.suse.com/1264504"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-39819"
},
{
"cve": "CVE-2026-39820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39820"
}
],
"notes": [
{
"category": "general",
"text": "Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39820",
"url": "https://www.suse.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "SUSE Bug 1264503 for CVE-2026-39820",
"url": "https://bugzilla.suse.com/1264503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-39820"
},
{
"cve": "CVE-2026-39823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39823"
}
],
"notes": [
{
"category": "general",
"text": "CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a \u003cmeta\u003e tag\u0027s \u003ccontent\u003e attribute. If the URL content were to insert ASCII whitespaces around the \u0027=\u0027 rune inside of the \u003ccontent\u003e attribute, the escaper would fail to similarly escape it, leading to XSS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39823",
"url": "https://www.suse.com/security/cve/CVE-2026-39823"
},
{
"category": "external",
"summary": "SUSE Bug 1264509 for CVE-2026-39823",
"url": "https://bugzilla.suse.com/1264509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-39823"
},
{
"cve": "CVE-2026-39825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39825"
}
],
"notes": [
{
"category": "general",
"text": "ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery. ReverseProxy does not take ParseQuery\u0027s limit on the total number of query parameters (controlled by GODEBUG=urlmaxqueryparams=N) into account. This can permit ReverseProxy to forward a request containing a query parameter that is not visible to the Rewrite function. For example, the query \"a1=x\u0026a2=x\u0026...\u0026a10000=x\u0026hidden=y\" can forward the parameter \"hidden=y\" while hiding it from the proxy\u0027s Rewrite function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39825",
"url": "https://www.suse.com/security/cve/CVE-2026-39825"
},
{
"category": "external",
"summary": "SUSE Bug 1264500 for CVE-2026-39825",
"url": "https://bugzilla.suse.com/1264500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-39825"
},
{
"cve": "CVE-2026-39826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39826"
}
],
"notes": [
{
"category": "general",
"text": "If a trusted template author were to write a \u003cscript\u003e tag containing an empty \u0027type\u0027 attribute or a \u0027type\u0027 attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the \u003cscript\u003e block.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39826",
"url": "https://www.suse.com/security/cve/CVE-2026-39826"
},
{
"category": "external",
"summary": "SUSE Bug 1264507 for CVE-2026-39826",
"url": "https://bugzilla.suse.com/1264507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-39826"
},
{
"cve": "CVE-2026-39836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39836"
}
],
"notes": [
{
"category": "general",
"text": "The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39836",
"url": "https://www.suse.com/security/cve/CVE-2026-39836"
},
{
"category": "external",
"summary": "SUSE Bug 1264501 for CVE-2026-39836",
"url": "https://bugzilla.suse.com/1264501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-39836"
},
{
"cve": "CVE-2026-42499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42499"
}
],
"notes": [
{
"category": "general",
"text": "Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42499",
"url": "https://www.suse.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "SUSE Bug 1264502 for CVE-2026-42499",
"url": "https://bugzilla.suse.com/1264502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-42499"
},
{
"cve": "CVE-2026-42501",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42501"
}
],
"notes": [
{
"category": "general",
"text": "A malicious module proxy can exploit a flaw in the go command\u0027s validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy (GOMODPROXY) or checksum database (GOSUMDB). A malicious module proxy can serve altered versions of the Go toolchain. When selecting a different version of the Go toolchain than the currently installed toolchain (due to the GOTOOLCHAIN environment variable, or a go.work or go.mod with a toolchain line), the go command will download and execute a toolchain provided by the module proxy. A malicious module proxy can bypass checksum database validation for this downloaded toolchain. Since this vulnerability affects the security of toolchain downloads, setting GOTOOLCHAIN to a fixed version is not sufficient. You must upgrade your base Go toolchain. The go tool always validates the hash of a toolchain before executing it, so fixed versions will refuse to execute any cached, altered versions of the toolchain. The go tool trusts go.sum files to contain accurate hashes of the current module\u0027s dependencies. A malicious proxy exploiting this vulnerability to serve an altered module will have caused an incorrect hash to be recorded in the go.sum. Users who have configured a non-trusted GOPROXY can determine if they have been affected by running \"rm go.sum ; go mod tidy ; go mod verify\", which will revalidate all dependencies of the current module. The specific flaw in more detail: The go command consults the checksum database to validate downloaded modules, when a module is not listed in the go.sum file. It verifies that the module hash reported by the checksum database matches the hash of the downloaded module. If, however, the checksum database returns a successful response that contains no entry for the module, the go command incorrectly permitted validation to succeed. A module proxy may mirror or proxy the checksum database, in which case the go command will not connect to the checksum database directly. Checksums reported by the checksum database are cryptographically signed, so a malicious proxy cannot alter the reported checksum for a module. However, a proxy which returns an empty checksum response, or a checksum response for an unrelated module, could cause the go command to proceed as if a downloaded module has been validated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42501",
"url": "https://www.suse.com/security/cve/CVE-2026-42501"
},
{
"category": "external",
"summary": "SUSE Bug 1264499 for CVE-2026-42501",
"url": "https://bugzilla.suse.com/1264499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-doc-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-libstd-1.25.10-1.1.x86_64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.aarch64",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.ppc64le",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.s390x",
"openSUSE Tumbleweed:go1.25-race-1.25.10-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-42501"
}
]
}
OPENSUSE-SU-2026:10741-1
Vulnerability from csaf_opensuse - Published: 2026-05-10 00:00 - Updated: 2026-05-10 00:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go1.26-1.26.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go1.26-1.26.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10741",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10741-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33811 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39817 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39819 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39820 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39823 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39825 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39826 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39836 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42499 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42501 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42501/"
}
],
"title": "go1.26-1.26.3-1.1 on GA media",
"tracking": {
"current_release_date": "2026-05-10T00:00:00Z",
"generator": {
"date": "2026-05-10T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10741-1",
"initial_release_date": "2026-05-10T00:00:00Z",
"revision_history": [
{
"date": "2026-05-10T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.3-1.1.aarch64",
"product": {
"name": "go1.26-1.26.3-1.1.aarch64",
"product_id": "go1.26-1.26.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.3-1.1.aarch64",
"product": {
"name": "go1.26-doc-1.26.3-1.1.aarch64",
"product_id": "go1.26-doc-1.26.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.26-libstd-1.26.3-1.1.aarch64",
"product": {
"name": "go1.26-libstd-1.26.3-1.1.aarch64",
"product_id": "go1.26-libstd-1.26.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.3-1.1.aarch64",
"product": {
"name": "go1.26-race-1.26.3-1.1.aarch64",
"product_id": "go1.26-race-1.26.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.3-1.1.ppc64le",
"product": {
"name": "go1.26-1.26.3-1.1.ppc64le",
"product_id": "go1.26-1.26.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.3-1.1.ppc64le",
"product": {
"name": "go1.26-doc-1.26.3-1.1.ppc64le",
"product_id": "go1.26-doc-1.26.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.26-libstd-1.26.3-1.1.ppc64le",
"product": {
"name": "go1.26-libstd-1.26.3-1.1.ppc64le",
"product_id": "go1.26-libstd-1.26.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.3-1.1.ppc64le",
"product": {
"name": "go1.26-race-1.26.3-1.1.ppc64le",
"product_id": "go1.26-race-1.26.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.3-1.1.s390x",
"product": {
"name": "go1.26-1.26.3-1.1.s390x",
"product_id": "go1.26-1.26.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.3-1.1.s390x",
"product": {
"name": "go1.26-doc-1.26.3-1.1.s390x",
"product_id": "go1.26-doc-1.26.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.26-libstd-1.26.3-1.1.s390x",
"product": {
"name": "go1.26-libstd-1.26.3-1.1.s390x",
"product_id": "go1.26-libstd-1.26.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.3-1.1.s390x",
"product": {
"name": "go1.26-race-1.26.3-1.1.s390x",
"product_id": "go1.26-race-1.26.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.3-1.1.x86_64",
"product": {
"name": "go1.26-1.26.3-1.1.x86_64",
"product_id": "go1.26-1.26.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.3-1.1.x86_64",
"product": {
"name": "go1.26-doc-1.26.3-1.1.x86_64",
"product_id": "go1.26-doc-1.26.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.26-libstd-1.26.3-1.1.x86_64",
"product": {
"name": "go1.26-libstd-1.26.3-1.1.x86_64",
"product_id": "go1.26-libstd-1.26.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.3-1.1.x86_64",
"product": {
"name": "go1.26-race-1.26.3-1.1.x86_64",
"product_id": "go1.26-race-1.26.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64"
},
"product_reference": "go1.26-1.26.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le"
},
"product_reference": "go1.26-1.26.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x"
},
"product_reference": "go1.26-1.26.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64"
},
"product_reference": "go1.26-1.26.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x"
},
"product_reference": "go1.26-doc-1.26.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-libstd-1.26.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64"
},
"product_reference": "go1.26-libstd-1.26.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-libstd-1.26.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le"
},
"product_reference": "go1.26-libstd-1.26.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-libstd-1.26.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x"
},
"product_reference": "go1.26-libstd-1.26.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-libstd-1.26.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64"
},
"product_reference": "go1.26-libstd-1.26.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64"
},
"product_reference": "go1.26-race-1.26.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x"
},
"product_reference": "go1.26-race-1.26.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
},
"product_reference": "go1.26-race-1.26.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33811"
}
],
"notes": [
{
"category": "general",
"text": "When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33811",
"url": "https://www.suse.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "SUSE Bug 1264508 for CVE-2026-33811",
"url": "https://bugzilla.suse.com/1264508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-10T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33811"
},
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-10T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-39817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39817"
}
],
"notes": [
{
"category": "general",
"text": "The \"go tool pack\" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the \"pack\" subcommand can write files to arbitrary locations on the filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39817",
"url": "https://www.suse.com/security/cve/CVE-2026-39817"
},
{
"category": "external",
"summary": "SUSE Bug 1264505 for CVE-2026-39817",
"url": "https://bugzilla.suse.com/1264505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-10T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-39817"
},
{
"cve": "CVE-2026-39819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39819"
}
],
"notes": [
{
"category": "general",
"text": "The \"go bug\" command writes to two files with predictable names in the system temporary directory (for example, \"/tmp\"). An attacker with access to the temporary directory can create a symlink in one of these names, causing \"go bug\" to overwrite the target of the symlink.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39819",
"url": "https://www.suse.com/security/cve/CVE-2026-39819"
},
{
"category": "external",
"summary": "SUSE Bug 1264504 for CVE-2026-39819",
"url": "https://bugzilla.suse.com/1264504"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-10T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-39819"
},
{
"cve": "CVE-2026-39820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39820"
}
],
"notes": [
{
"category": "general",
"text": "Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39820",
"url": "https://www.suse.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "SUSE Bug 1264503 for CVE-2026-39820",
"url": "https://bugzilla.suse.com/1264503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-10T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-39820"
},
{
"cve": "CVE-2026-39823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39823"
}
],
"notes": [
{
"category": "general",
"text": "CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a \u003cmeta\u003e tag\u0027s \u003ccontent\u003e attribute. If the URL content were to insert ASCII whitespaces around the \u0027=\u0027 rune inside of the \u003ccontent\u003e attribute, the escaper would fail to similarly escape it, leading to XSS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39823",
"url": "https://www.suse.com/security/cve/CVE-2026-39823"
},
{
"category": "external",
"summary": "SUSE Bug 1264509 for CVE-2026-39823",
"url": "https://bugzilla.suse.com/1264509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-10T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-39823"
},
{
"cve": "CVE-2026-39825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39825"
}
],
"notes": [
{
"category": "general",
"text": "ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery. ReverseProxy does not take ParseQuery\u0027s limit on the total number of query parameters (controlled by GODEBUG=urlmaxqueryparams=N) into account. This can permit ReverseProxy to forward a request containing a query parameter that is not visible to the Rewrite function. For example, the query \"a1=x\u0026a2=x\u0026...\u0026a10000=x\u0026hidden=y\" can forward the parameter \"hidden=y\" while hiding it from the proxy\u0027s Rewrite function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39825",
"url": "https://www.suse.com/security/cve/CVE-2026-39825"
},
{
"category": "external",
"summary": "SUSE Bug 1264500 for CVE-2026-39825",
"url": "https://bugzilla.suse.com/1264500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-10T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-39825"
},
{
"cve": "CVE-2026-39826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39826"
}
],
"notes": [
{
"category": "general",
"text": "If a trusted template author were to write a \u003cscript\u003e tag containing an empty \u0027type\u0027 attribute or a \u0027type\u0027 attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the \u003cscript\u003e block.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39826",
"url": "https://www.suse.com/security/cve/CVE-2026-39826"
},
{
"category": "external",
"summary": "SUSE Bug 1264507 for CVE-2026-39826",
"url": "https://bugzilla.suse.com/1264507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-10T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-39826"
},
{
"cve": "CVE-2026-39836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39836"
}
],
"notes": [
{
"category": "general",
"text": "The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39836",
"url": "https://www.suse.com/security/cve/CVE-2026-39836"
},
{
"category": "external",
"summary": "SUSE Bug 1264501 for CVE-2026-39836",
"url": "https://bugzilla.suse.com/1264501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-10T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-39836"
},
{
"cve": "CVE-2026-42499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42499"
}
],
"notes": [
{
"category": "general",
"text": "Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42499",
"url": "https://www.suse.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "SUSE Bug 1264502 for CVE-2026-42499",
"url": "https://bugzilla.suse.com/1264502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-10T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-42499"
},
{
"cve": "CVE-2026-42501",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42501"
}
],
"notes": [
{
"category": "general",
"text": "A malicious module proxy can exploit a flaw in the go command\u0027s validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy (GOMODPROXY) or checksum database (GOSUMDB). A malicious module proxy can serve altered versions of the Go toolchain. When selecting a different version of the Go toolchain than the currently installed toolchain (due to the GOTOOLCHAIN environment variable, or a go.work or go.mod with a toolchain line), the go command will download and execute a toolchain provided by the module proxy. A malicious module proxy can bypass checksum database validation for this downloaded toolchain. Since this vulnerability affects the security of toolchain downloads, setting GOTOOLCHAIN to a fixed version is not sufficient. You must upgrade your base Go toolchain. The go tool always validates the hash of a toolchain before executing it, so fixed versions will refuse to execute any cached, altered versions of the toolchain. The go tool trusts go.sum files to contain accurate hashes of the current module\u0027s dependencies. A malicious proxy exploiting this vulnerability to serve an altered module will have caused an incorrect hash to be recorded in the go.sum. Users who have configured a non-trusted GOPROXY can determine if they have been affected by running \"rm go.sum ; go mod tidy ; go mod verify\", which will revalidate all dependencies of the current module. The specific flaw in more detail: The go command consults the checksum database to validate downloaded modules, when a module is not listed in the go.sum file. It verifies that the module hash reported by the checksum database matches the hash of the downloaded module. If, however, the checksum database returns a successful response that contains no entry for the module, the go command incorrectly permitted validation to succeed. A module proxy may mirror or proxy the checksum database, in which case the go command will not connect to the checksum database directly. Checksums reported by the checksum database are cryptographically signed, so a malicious proxy cannot alter the reported checksum for a module. However, a proxy which returns an empty checksum response, or a checksum response for an unrelated module, could cause the go command to proceed as if a downloaded module has been validated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42501",
"url": "https://www.suse.com/security/cve/CVE-2026-42501"
},
{
"category": "external",
"summary": "SUSE Bug 1264499 for CVE-2026-42501",
"url": "https://bugzilla.suse.com/1264499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-doc-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-libstd-1.26.3-1.1.x86_64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.aarch64",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.ppc64le",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.s390x",
"openSUSE Tumbleweed:go1.26-race-1.26.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-10T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-42501"
}
]
}
OPENSUSE-SU-2026:20762-1
Vulnerability from csaf_opensuse - Published: 2026-05-17 20:16 - Updated: 2026-05-17 20:16| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.26",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.26 fixes the following issues\n\nSecurity issues:\n\n- CVE-2026-33811: net: crash when handling long CNAME response (bsc#1264508).\n- CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1264506).\n- CVE-2026-39817: cmd/go: \"go tool pack\" does not sanitize output paths (bsc#1264505).\n- CVE-2026-39819: cmd/go: \"go bug\" follows symlinks in predictable temporary filenames (bsc#1264504).\n- CVE-2026-39820: net/mail: quadratic string concatentation in consumeComment (bsc#1264503).\n- CVE-2026-39823: html/template: bypass of meta content URL escaping causes XSS (bsc#1264509).\n- CVE-2026-39825: net/http/httputil: ReverseProxy forwards queries with more than urlmaxqueryparams parameters\n (bsc#1264500).\n- CVE-2026-39826: html/template: escaper bypass leads to XSS (bsc#1264507).\n- CVE-2026-39836: net: panic in Dial and LookupPort when handling NUL byte on Windows (bsc#1264501).\n- CVE-2026-42499: net/mail: quadratic string concatenation in consumePhrase (bsc#1264502).\n- CVE-2026-42501: cmd/go: malicious module proxy can bypass checksum database (bsc#1264499).\n\nNon security issues:\n\n- Updated to go1.26.3 (bsc#1255111).\n- Go packages miss binutils-gold dependency (bsc#1170826).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-758",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_20762-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1170826",
"url": "https://bugzilla.suse.com/1170826"
},
{
"category": "self",
"summary": "SUSE Bug 1255111",
"url": "https://bugzilla.suse.com/1255111"
},
{
"category": "self",
"summary": "SUSE Bug 1264499",
"url": "https://bugzilla.suse.com/1264499"
},
{
"category": "self",
"summary": "SUSE Bug 1264500",
"url": "https://bugzilla.suse.com/1264500"
},
{
"category": "self",
"summary": "SUSE Bug 1264501",
"url": "https://bugzilla.suse.com/1264501"
},
{
"category": "self",
"summary": "SUSE Bug 1264502",
"url": "https://bugzilla.suse.com/1264502"
},
{
"category": "self",
"summary": "SUSE Bug 1264503",
"url": "https://bugzilla.suse.com/1264503"
},
{
"category": "self",
"summary": "SUSE Bug 1264504",
"url": "https://bugzilla.suse.com/1264504"
},
{
"category": "self",
"summary": "SUSE Bug 1264505",
"url": "https://bugzilla.suse.com/1264505"
},
{
"category": "self",
"summary": "SUSE Bug 1264506",
"url": "https://bugzilla.suse.com/1264506"
},
{
"category": "self",
"summary": "SUSE Bug 1264507",
"url": "https://bugzilla.suse.com/1264507"
},
{
"category": "self",
"summary": "SUSE Bug 1264508",
"url": "https://bugzilla.suse.com/1264508"
},
{
"category": "self",
"summary": "SUSE Bug 1264509",
"url": "https://bugzilla.suse.com/1264509"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33811 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39817 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39819 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39820 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39823 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39825 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39826 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39836 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42499 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42501 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42501/"
}
],
"title": "Security update for go1.26",
"tracking": {
"current_release_date": "2026-05-17T20:16:08Z",
"generator": {
"date": "2026-05-17T20:16:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:20762-1",
"initial_release_date": "2026-05-17T20:16:08Z",
"revision_history": [
{
"date": "2026-05-17T20:16:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.3-160000.1.1.aarch64",
"product": {
"name": "go1.26-1.26.3-160000.1.1.aarch64",
"product_id": "go1.26-1.26.3-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.3-160000.1.1.aarch64",
"product": {
"name": "go1.26-doc-1.26.3-160000.1.1.aarch64",
"product_id": "go1.26-doc-1.26.3-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.26-libstd-1.26.3-160000.1.1.aarch64",
"product": {
"name": "go1.26-libstd-1.26.3-160000.1.1.aarch64",
"product_id": "go1.26-libstd-1.26.3-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.3-160000.1.1.aarch64",
"product": {
"name": "go1.26-race-1.26.3-160000.1.1.aarch64",
"product_id": "go1.26-race-1.26.3-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.3-160000.1.1.ppc64le",
"product": {
"name": "go1.26-1.26.3-160000.1.1.ppc64le",
"product_id": "go1.26-1.26.3-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.3-160000.1.1.ppc64le",
"product": {
"name": "go1.26-doc-1.26.3-160000.1.1.ppc64le",
"product_id": "go1.26-doc-1.26.3-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.3-160000.1.1.ppc64le",
"product": {
"name": "go1.26-race-1.26.3-160000.1.1.ppc64le",
"product_id": "go1.26-race-1.26.3-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.3-160000.1.1.s390x",
"product": {
"name": "go1.26-1.26.3-160000.1.1.s390x",
"product_id": "go1.26-1.26.3-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.3-160000.1.1.s390x",
"product": {
"name": "go1.26-doc-1.26.3-160000.1.1.s390x",
"product_id": "go1.26-doc-1.26.3-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.3-160000.1.1.s390x",
"product": {
"name": "go1.26-race-1.26.3-160000.1.1.s390x",
"product_id": "go1.26-race-1.26.3-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.3-160000.1.1.x86_64",
"product": {
"name": "go1.26-1.26.3-160000.1.1.x86_64",
"product_id": "go1.26-1.26.3-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.3-160000.1.1.x86_64",
"product": {
"name": "go1.26-doc-1.26.3-160000.1.1.x86_64",
"product_id": "go1.26-doc-1.26.3-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.26-libstd-1.26.3-160000.1.1.x86_64",
"product": {
"name": "go1.26-libstd-1.26.3-160000.1.1.x86_64",
"product_id": "go1.26-libstd-1.26.3-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.3-160000.1.1.x86_64",
"product": {
"name": "go1.26-race-1.26.3-160000.1.1.x86_64",
"product_id": "go1.26-race-1.26.3-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.3-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64"
},
"product_reference": "go1.26-1.26.3-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.3-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le"
},
"product_reference": "go1.26-1.26.3-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.3-160000.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x"
},
"product_reference": "go1.26-1.26.3-160000.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.3-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64"
},
"product_reference": "go1.26-1.26.3-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.3-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.3-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.3-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.3-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.3-160000.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x"
},
"product_reference": "go1.26-doc-1.26.3-160000.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.3-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.3-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-libstd-1.26.3-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64"
},
"product_reference": "go1.26-libstd-1.26.3-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-libstd-1.26.3-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64"
},
"product_reference": "go1.26-libstd-1.26.3-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.3-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64"
},
"product_reference": "go1.26-race-1.26.3-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.3-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.3-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.3-160000.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x"
},
"product_reference": "go1.26-race-1.26.3-160000.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.3-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
},
"product_reference": "go1.26-race-1.26.3-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33811"
}
],
"notes": [
{
"category": "general",
"text": "When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33811",
"url": "https://www.suse.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "SUSE Bug 1264508 for CVE-2026-33811",
"url": "https://bugzilla.suse.com/1264508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-17T20:16:08Z",
"details": "important"
}
],
"title": "CVE-2026-33811"
},
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-17T20:16:08Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-39817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39817"
}
],
"notes": [
{
"category": "general",
"text": "The \"go tool pack\" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the \"pack\" subcommand can write files to arbitrary locations on the filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39817",
"url": "https://www.suse.com/security/cve/CVE-2026-39817"
},
{
"category": "external",
"summary": "SUSE Bug 1264505 for CVE-2026-39817",
"url": "https://bugzilla.suse.com/1264505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-17T20:16:08Z",
"details": "moderate"
}
],
"title": "CVE-2026-39817"
},
{
"cve": "CVE-2026-39819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39819"
}
],
"notes": [
{
"category": "general",
"text": "The \"go bug\" command writes to two files with predictable names in the system temporary directory (for example, \"/tmp\"). An attacker with access to the temporary directory can create a symlink in one of these names, causing \"go bug\" to overwrite the target of the symlink.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39819",
"url": "https://www.suse.com/security/cve/CVE-2026-39819"
},
{
"category": "external",
"summary": "SUSE Bug 1264504 for CVE-2026-39819",
"url": "https://bugzilla.suse.com/1264504"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-17T20:16:08Z",
"details": "moderate"
}
],
"title": "CVE-2026-39819"
},
{
"cve": "CVE-2026-39820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39820"
}
],
"notes": [
{
"category": "general",
"text": "Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39820",
"url": "https://www.suse.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "SUSE Bug 1264503 for CVE-2026-39820",
"url": "https://bugzilla.suse.com/1264503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-17T20:16:08Z",
"details": "important"
}
],
"title": "CVE-2026-39820"
},
{
"cve": "CVE-2026-39823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39823"
}
],
"notes": [
{
"category": "general",
"text": "CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a \u003cmeta\u003e tag\u0027s \u003ccontent\u003e attribute. If the URL content were to insert ASCII whitespaces around the \u0027=\u0027 rune inside of the \u003ccontent\u003e attribute, the escaper would fail to similarly escape it, leading to XSS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39823",
"url": "https://www.suse.com/security/cve/CVE-2026-39823"
},
{
"category": "external",
"summary": "SUSE Bug 1264509 for CVE-2026-39823",
"url": "https://bugzilla.suse.com/1264509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-17T20:16:08Z",
"details": "moderate"
}
],
"title": "CVE-2026-39823"
},
{
"cve": "CVE-2026-39825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39825"
}
],
"notes": [
{
"category": "general",
"text": "ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery. ReverseProxy does not take ParseQuery\u0027s limit on the total number of query parameters (controlled by GODEBUG=urlmaxqueryparams=N) into account. This can permit ReverseProxy to forward a request containing a query parameter that is not visible to the Rewrite function. For example, the query \"a1=x\u0026a2=x\u0026...\u0026a10000=x\u0026hidden=y\" can forward the parameter \"hidden=y\" while hiding it from the proxy\u0027s Rewrite function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39825",
"url": "https://www.suse.com/security/cve/CVE-2026-39825"
},
{
"category": "external",
"summary": "SUSE Bug 1264500 for CVE-2026-39825",
"url": "https://bugzilla.suse.com/1264500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-17T20:16:08Z",
"details": "moderate"
}
],
"title": "CVE-2026-39825"
},
{
"cve": "CVE-2026-39826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39826"
}
],
"notes": [
{
"category": "general",
"text": "If a trusted template author were to write a \u003cscript\u003e tag containing an empty \u0027type\u0027 attribute or a \u0027type\u0027 attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the \u003cscript\u003e block.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39826",
"url": "https://www.suse.com/security/cve/CVE-2026-39826"
},
{
"category": "external",
"summary": "SUSE Bug 1264507 for CVE-2026-39826",
"url": "https://bugzilla.suse.com/1264507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-17T20:16:08Z",
"details": "moderate"
}
],
"title": "CVE-2026-39826"
},
{
"cve": "CVE-2026-39836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39836"
}
],
"notes": [
{
"category": "general",
"text": "The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39836",
"url": "https://www.suse.com/security/cve/CVE-2026-39836"
},
{
"category": "external",
"summary": "SUSE Bug 1264501 for CVE-2026-39836",
"url": "https://bugzilla.suse.com/1264501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-17T20:16:08Z",
"details": "important"
}
],
"title": "CVE-2026-39836"
},
{
"cve": "CVE-2026-42499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42499"
}
],
"notes": [
{
"category": "general",
"text": "Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42499",
"url": "https://www.suse.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "SUSE Bug 1264502 for CVE-2026-42499",
"url": "https://bugzilla.suse.com/1264502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-17T20:16:08Z",
"details": "important"
}
],
"title": "CVE-2026-42499"
},
{
"cve": "CVE-2026-42501",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42501"
}
],
"notes": [
{
"category": "general",
"text": "A malicious module proxy can exploit a flaw in the go command\u0027s validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy (GOMODPROXY) or checksum database (GOSUMDB). A malicious module proxy can serve altered versions of the Go toolchain. When selecting a different version of the Go toolchain than the currently installed toolchain (due to the GOTOOLCHAIN environment variable, or a go.work or go.mod with a toolchain line), the go command will download and execute a toolchain provided by the module proxy. A malicious module proxy can bypass checksum database validation for this downloaded toolchain. Since this vulnerability affects the security of toolchain downloads, setting GOTOOLCHAIN to a fixed version is not sufficient. You must upgrade your base Go toolchain. The go tool always validates the hash of a toolchain before executing it, so fixed versions will refuse to execute any cached, altered versions of the toolchain. The go tool trusts go.sum files to contain accurate hashes of the current module\u0027s dependencies. A malicious proxy exploiting this vulnerability to serve an altered module will have caused an incorrect hash to be recorded in the go.sum. Users who have configured a non-trusted GOPROXY can determine if they have been affected by running \"rm go.sum ; go mod tidy ; go mod verify\", which will revalidate all dependencies of the current module. The specific flaw in more detail: The go command consults the checksum database to validate downloaded modules, when a module is not listed in the go.sum file. It verifies that the module hash reported by the checksum database matches the hash of the downloaded module. If, however, the checksum database returns a successful response that contains no entry for the module, the go command incorrectly permitted validation to succeed. A module proxy may mirror or proxy the checksum database, in which case the go command will not connect to the checksum database directly. Checksums reported by the checksum database are cryptographically signed, so a malicious proxy cannot alter the reported checksum for a module. However, a proxy which returns an empty checksum response, or a checksum response for an unrelated module, could cause the go command to proceed as if a downloaded module has been validated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42501",
"url": "https://www.suse.com/security/cve/CVE-2026-42501"
},
{
"category": "external",
"summary": "SUSE Bug 1264499 for CVE-2026-42501",
"url": "https://bugzilla.suse.com/1264499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-doc-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-libstd-1.26.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.26-race-1.26.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-17T20:16:08Z",
"details": "important"
}
],
"title": "CVE-2026-42501"
}
]
}
OPENSUSE-SU-2026:20763-1
Vulnerability from csaf_opensuse - Published: 2026-05-18 00:17 - Updated: 2026-05-18 00:17| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.25",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.25 fixes the following issues\n\nSecurity issues:\n\n- CVE-2026-33811: net: crash when handling long CNAME response (bsc#1264508).\n- CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1264506).\n- CVE-2026-39817: cmd/go: \"go tool pack\" does not sanitize output paths (bsc#1264505).\n- CVE-2026-39819: cmd/go: \"go bug\" follows symlinks in predictable temporary filenames (bsc#1264504).\n- CVE-2026-39820: net/mail: quadratic string concatentation in consumeComment (bsc#1264503).\n- CVE-2026-39823: html/template: bypass of meta content URL escaping causes XSS (bsc#1264509).\n- CVE-2026-39825: net/http/httputil: ReverseProxy forwards queries with more than urlmaxqueryparams parameters\n (bsc#1264500).\n- CVE-2026-39826: html/template: escaper bypass leads to XSS (bsc#1264507).\n- CVE-2026-39836: net: panic in Dial and LookupPort when handling NUL byte on Windows (bsc#1264501).\n- CVE-2026-42499: net/mail: quadratic string concatenation in consumePhrase (bsc#1264502).\n- CVE-2026-42501: cmd/go: malicious module proxy can bypass checksum database (bsc#1264499).\n\nNon security issues:\n\n- Updated to go1.25.10 (bsc#1244485).\n- Go packages miss binutils-gold dependency (bsc#1170826).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-760",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_20763-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1170826",
"url": "https://bugzilla.suse.com/1170826"
},
{
"category": "self",
"summary": "SUSE Bug 1244485",
"url": "https://bugzilla.suse.com/1244485"
},
{
"category": "self",
"summary": "SUSE Bug 1264499",
"url": "https://bugzilla.suse.com/1264499"
},
{
"category": "self",
"summary": "SUSE Bug 1264500",
"url": "https://bugzilla.suse.com/1264500"
},
{
"category": "self",
"summary": "SUSE Bug 1264501",
"url": "https://bugzilla.suse.com/1264501"
},
{
"category": "self",
"summary": "SUSE Bug 1264502",
"url": "https://bugzilla.suse.com/1264502"
},
{
"category": "self",
"summary": "SUSE Bug 1264503",
"url": "https://bugzilla.suse.com/1264503"
},
{
"category": "self",
"summary": "SUSE Bug 1264504",
"url": "https://bugzilla.suse.com/1264504"
},
{
"category": "self",
"summary": "SUSE Bug 1264505",
"url": "https://bugzilla.suse.com/1264505"
},
{
"category": "self",
"summary": "SUSE Bug 1264506",
"url": "https://bugzilla.suse.com/1264506"
},
{
"category": "self",
"summary": "SUSE Bug 1264507",
"url": "https://bugzilla.suse.com/1264507"
},
{
"category": "self",
"summary": "SUSE Bug 1264508",
"url": "https://bugzilla.suse.com/1264508"
},
{
"category": "self",
"summary": "SUSE Bug 1264509",
"url": "https://bugzilla.suse.com/1264509"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33811 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39817 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39819 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39820 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39823 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39825 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39826 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39836 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42499 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42501 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42501/"
}
],
"title": "Security update for go1.25",
"tracking": {
"current_release_date": "2026-05-18T00:17:42Z",
"generator": {
"date": "2026-05-18T00:17:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:20763-1",
"initial_release_date": "2026-05-18T00:17:42Z",
"revision_history": [
{
"date": "2026-05-18T00:17:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.10-160000.1.1.aarch64",
"product": {
"name": "go1.25-1.25.10-160000.1.1.aarch64",
"product_id": "go1.25-1.25.10-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.10-160000.1.1.aarch64",
"product": {
"name": "go1.25-doc-1.25.10-160000.1.1.aarch64",
"product_id": "go1.25-doc-1.25.10-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.10-160000.1.1.aarch64",
"product": {
"name": "go1.25-libstd-1.25.10-160000.1.1.aarch64",
"product_id": "go1.25-libstd-1.25.10-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.10-160000.1.1.aarch64",
"product": {
"name": "go1.25-race-1.25.10-160000.1.1.aarch64",
"product_id": "go1.25-race-1.25.10-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.10-160000.1.1.ppc64le",
"product": {
"name": "go1.25-1.25.10-160000.1.1.ppc64le",
"product_id": "go1.25-1.25.10-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.10-160000.1.1.ppc64le",
"product": {
"name": "go1.25-doc-1.25.10-160000.1.1.ppc64le",
"product_id": "go1.25-doc-1.25.10-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.10-160000.1.1.ppc64le",
"product": {
"name": "go1.25-race-1.25.10-160000.1.1.ppc64le",
"product_id": "go1.25-race-1.25.10-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.10-160000.1.1.s390x",
"product": {
"name": "go1.25-1.25.10-160000.1.1.s390x",
"product_id": "go1.25-1.25.10-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.10-160000.1.1.s390x",
"product": {
"name": "go1.25-doc-1.25.10-160000.1.1.s390x",
"product_id": "go1.25-doc-1.25.10-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.10-160000.1.1.s390x",
"product": {
"name": "go1.25-race-1.25.10-160000.1.1.s390x",
"product_id": "go1.25-race-1.25.10-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.10-160000.1.1.x86_64",
"product": {
"name": "go1.25-1.25.10-160000.1.1.x86_64",
"product_id": "go1.25-1.25.10-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.10-160000.1.1.x86_64",
"product": {
"name": "go1.25-doc-1.25.10-160000.1.1.x86_64",
"product_id": "go1.25-doc-1.25.10-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-libstd-1.25.10-160000.1.1.x86_64",
"product": {
"name": "go1.25-libstd-1.25.10-160000.1.1.x86_64",
"product_id": "go1.25-libstd-1.25.10-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.10-160000.1.1.x86_64",
"product": {
"name": "go1.25-race-1.25.10-160000.1.1.x86_64",
"product_id": "go1.25-race-1.25.10-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.10-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64"
},
"product_reference": "go1.25-1.25.10-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.10-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le"
},
"product_reference": "go1.25-1.25.10-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.10-160000.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x"
},
"product_reference": "go1.25-1.25.10-160000.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.10-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64"
},
"product_reference": "go1.25-1.25.10-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.10-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.10-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.10-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.10-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.10-160000.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x"
},
"product_reference": "go1.25-doc-1.25.10-160000.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.10-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.10-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.10-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64"
},
"product_reference": "go1.25-libstd-1.25.10-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-libstd-1.25.10-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64"
},
"product_reference": "go1.25-libstd-1.25.10-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.10-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64"
},
"product_reference": "go1.25-race-1.25.10-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.10-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.10-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.10-160000.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x"
},
"product_reference": "go1.25-race-1.25.10-160000.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.10-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
},
"product_reference": "go1.25-race-1.25.10-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33811"
}
],
"notes": [
{
"category": "general",
"text": "When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33811",
"url": "https://www.suse.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "SUSE Bug 1264508 for CVE-2026-33811",
"url": "https://bugzilla.suse.com/1264508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T00:17:42Z",
"details": "important"
}
],
"title": "CVE-2026-33811"
},
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T00:17:42Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-39817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39817"
}
],
"notes": [
{
"category": "general",
"text": "The \"go tool pack\" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the \"pack\" subcommand can write files to arbitrary locations on the filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39817",
"url": "https://www.suse.com/security/cve/CVE-2026-39817"
},
{
"category": "external",
"summary": "SUSE Bug 1264505 for CVE-2026-39817",
"url": "https://bugzilla.suse.com/1264505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T00:17:42Z",
"details": "moderate"
}
],
"title": "CVE-2026-39817"
},
{
"cve": "CVE-2026-39819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39819"
}
],
"notes": [
{
"category": "general",
"text": "The \"go bug\" command writes to two files with predictable names in the system temporary directory (for example, \"/tmp\"). An attacker with access to the temporary directory can create a symlink in one of these names, causing \"go bug\" to overwrite the target of the symlink.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39819",
"url": "https://www.suse.com/security/cve/CVE-2026-39819"
},
{
"category": "external",
"summary": "SUSE Bug 1264504 for CVE-2026-39819",
"url": "https://bugzilla.suse.com/1264504"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T00:17:42Z",
"details": "moderate"
}
],
"title": "CVE-2026-39819"
},
{
"cve": "CVE-2026-39820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39820"
}
],
"notes": [
{
"category": "general",
"text": "Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39820",
"url": "https://www.suse.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "SUSE Bug 1264503 for CVE-2026-39820",
"url": "https://bugzilla.suse.com/1264503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T00:17:42Z",
"details": "important"
}
],
"title": "CVE-2026-39820"
},
{
"cve": "CVE-2026-39823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39823"
}
],
"notes": [
{
"category": "general",
"text": "CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a \u003cmeta\u003e tag\u0027s \u003ccontent\u003e attribute. If the URL content were to insert ASCII whitespaces around the \u0027=\u0027 rune inside of the \u003ccontent\u003e attribute, the escaper would fail to similarly escape it, leading to XSS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39823",
"url": "https://www.suse.com/security/cve/CVE-2026-39823"
},
{
"category": "external",
"summary": "SUSE Bug 1264509 for CVE-2026-39823",
"url": "https://bugzilla.suse.com/1264509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T00:17:42Z",
"details": "moderate"
}
],
"title": "CVE-2026-39823"
},
{
"cve": "CVE-2026-39825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39825"
}
],
"notes": [
{
"category": "general",
"text": "ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery. ReverseProxy does not take ParseQuery\u0027s limit on the total number of query parameters (controlled by GODEBUG=urlmaxqueryparams=N) into account. This can permit ReverseProxy to forward a request containing a query parameter that is not visible to the Rewrite function. For example, the query \"a1=x\u0026a2=x\u0026...\u0026a10000=x\u0026hidden=y\" can forward the parameter \"hidden=y\" while hiding it from the proxy\u0027s Rewrite function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39825",
"url": "https://www.suse.com/security/cve/CVE-2026-39825"
},
{
"category": "external",
"summary": "SUSE Bug 1264500 for CVE-2026-39825",
"url": "https://bugzilla.suse.com/1264500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T00:17:42Z",
"details": "moderate"
}
],
"title": "CVE-2026-39825"
},
{
"cve": "CVE-2026-39826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39826"
}
],
"notes": [
{
"category": "general",
"text": "If a trusted template author were to write a \u003cscript\u003e tag containing an empty \u0027type\u0027 attribute or a \u0027type\u0027 attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the \u003cscript\u003e block.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39826",
"url": "https://www.suse.com/security/cve/CVE-2026-39826"
},
{
"category": "external",
"summary": "SUSE Bug 1264507 for CVE-2026-39826",
"url": "https://bugzilla.suse.com/1264507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T00:17:42Z",
"details": "moderate"
}
],
"title": "CVE-2026-39826"
},
{
"cve": "CVE-2026-39836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39836"
}
],
"notes": [
{
"category": "general",
"text": "The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39836",
"url": "https://www.suse.com/security/cve/CVE-2026-39836"
},
{
"category": "external",
"summary": "SUSE Bug 1264501 for CVE-2026-39836",
"url": "https://bugzilla.suse.com/1264501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T00:17:42Z",
"details": "important"
}
],
"title": "CVE-2026-39836"
},
{
"cve": "CVE-2026-42499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42499"
}
],
"notes": [
{
"category": "general",
"text": "Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42499",
"url": "https://www.suse.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "SUSE Bug 1264502 for CVE-2026-42499",
"url": "https://bugzilla.suse.com/1264502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T00:17:42Z",
"details": "important"
}
],
"title": "CVE-2026-42499"
},
{
"cve": "CVE-2026-42501",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42501"
}
],
"notes": [
{
"category": "general",
"text": "A malicious module proxy can exploit a flaw in the go command\u0027s validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy (GOMODPROXY) or checksum database (GOSUMDB). A malicious module proxy can serve altered versions of the Go toolchain. When selecting a different version of the Go toolchain than the currently installed toolchain (due to the GOTOOLCHAIN environment variable, or a go.work or go.mod with a toolchain line), the go command will download and execute a toolchain provided by the module proxy. A malicious module proxy can bypass checksum database validation for this downloaded toolchain. Since this vulnerability affects the security of toolchain downloads, setting GOTOOLCHAIN to a fixed version is not sufficient. You must upgrade your base Go toolchain. The go tool always validates the hash of a toolchain before executing it, so fixed versions will refuse to execute any cached, altered versions of the toolchain. The go tool trusts go.sum files to contain accurate hashes of the current module\u0027s dependencies. A malicious proxy exploiting this vulnerability to serve an altered module will have caused an incorrect hash to be recorded in the go.sum. Users who have configured a non-trusted GOPROXY can determine if they have been affected by running \"rm go.sum ; go mod tidy ; go mod verify\", which will revalidate all dependencies of the current module. The specific flaw in more detail: The go command consults the checksum database to validate downloaded modules, when a module is not listed in the go.sum file. It verifies that the module hash reported by the checksum database matches the hash of the downloaded module. If, however, the checksum database returns a successful response that contains no entry for the module, the go command incorrectly permitted validation to succeed. A module proxy may mirror or proxy the checksum database, in which case the go command will not connect to the checksum database directly. Checksums reported by the checksum database are cryptographically signed, so a malicious proxy cannot alter the reported checksum for a module. However, a proxy which returns an empty checksum response, or a checksum response for an unrelated module, could cause the go command to proceed as if a downloaded module has been validated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42501",
"url": "https://www.suse.com/security/cve/CVE-2026-42501"
},
{
"category": "external",
"summary": "SUSE Bug 1264499 for CVE-2026-42501",
"url": "https://bugzilla.suse.com/1264499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-doc-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-libstd-1.25.10-160000.1.1.x86_64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.aarch64",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.ppc64le",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.s390x",
"openSUSE Leap 16.0:go1.25-race-1.25.10-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T00:17:42Z",
"details": "important"
}
],
"title": "CVE-2026-42501"
}
]
}
RHSA-2026:33120
Vulnerability from csaf_redhat - Published: 2026-06-29 14:23 - Updated: 2026-07-07 18:58A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64 | — |
Workaround
|
A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64 | — |
Workaround
|
A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64 | — |
Workaround
|
A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh 3.0.13\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh 3.0.13, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.\n\nSecurity Fix(es):\n\n* CVE-2026-39820 openshift-golang-builder-container: Go net/mail: Denial of Service via crafted email inputs (OSSM-14269)\n* CVE-2026-42499 openshift-golang-builder-container: net/mail: Denial of Service via pathological email address parsing (OSSM-14500)\n* CVE-2026-33814 openshift-golang-builder-container: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame (OSSM-14548)\n* CVE-2026-33811 openshift-golang-builder-container: Go net package: Denial of Service via long CNAME response in LookupCNAME (OSSM-14564)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:33120",
"url": "https://access.redhat.com/errata/RHSA-2026:33120"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33814",
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39820",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42499",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33120.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.0.13",
"tracking": {
"current_release_date": "2026-07-07T18:58:36+00:00",
"generator": {
"date": "2026-07-07T18:58:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:33120",
"initial_release_date": "2026-06-29T14:23:25+00:00",
"revision_history": [
{
"date": "2026-06-29T14:23:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-29T14:23:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-07T18:58:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.0",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-sail-operator-bundle@sha256%3A19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle\u0026tag=1782301456"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3Abb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222217"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222514"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222607"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Af473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782296193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9\u0026tag=1782223469"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3Ab994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222217"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3Ae71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222514"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Ae1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222607"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Aa1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782296193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Aec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9\u0026tag=1782223469"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222217"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3Aa6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222514"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222607"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782296193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Ac77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9\u0026tag=1782223469"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222217"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3Aee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222514"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222607"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Abdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223341"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Ae24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782296193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Ac1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9\u0026tag=1782223469"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:23:25+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.0.13 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33120"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-33814",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:11.324941+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important denial of service flaw in the Go HTTP/2 protocol implementation allows a remote, unauthenticated attacker to exhaust system resources. By sending a specially crafted HTTP/2 SETTINGS frame with a zero-value SETTINGS_MAX_FRAME_SIZE, the vulnerable Go library enters an infinite loop, impacting the availability of services utilizing HTTP/2.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "RHBZ#2467815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33814",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33814"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814"
},
{
"category": "external",
"summary": "https://go.dev/cl/761581",
"url": "https://go.dev/cl/761581"
},
{
"category": "external",
"summary": "https://go.dev/cl/761640",
"url": "https://go.dev/cl/761640"
},
{
"category": "external",
"summary": "https://go.dev/issue/78476",
"url": "https://go.dev/issue/78476"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4918",
"url": "https://pkg.go.dev/vuln/GO-2026-4918"
}
],
"release_date": "2026-05-07T19:41:17.631000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:23:25+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.0.13 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33120"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame"
},
{
"cve": "CVE-2026-39820",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:27.800929+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net/mail` package. Applications processing untrusted email inputs via `ParseAddress`, `ParseAddressList`, or `ParseDate` functions are susceptible to excessive resource consumption, which can lead to service unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "RHBZ#2467820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://go.dev/cl/759940",
"url": "https://go.dev/cl/759940"
},
{
"category": "external",
"summary": "https://go.dev/issue/78566",
"url": "https://go.dev/issue/78566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4986",
"url": "https://pkg.go.dev/vuln/GO-2026-4986"
}
],
"release_date": "2026-05-07T19:41:19.854000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:23:25+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.0.13 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33120"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs"
},
{
"cve": "CVE-2026-42499",
"cwe": {
"id": "CWE-1046",
"name": "Creation of Immutable Text Using String Concatenation"
},
"discovery_date": "2026-05-07T20:00:51.685602+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `net/mail` package of the Go standard library. A remote attacker can exploit this flaw by sending specially crafted email addresses, leading to excessive resource consumption and a denial of service in Go applications that parse email addresses using the affected library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "RHBZ#2467809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42499"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://go.dev/cl/771520",
"url": "https://go.dev/cl/771520"
},
{
"category": "external",
"summary": "https://go.dev/issue/78987",
"url": "https://go.dev/issue/78987"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4977",
"url": "https://pkg.go.dev/vuln/GO-2026-4977"
}
],
"release_date": "2026-05-07T19:41:18.615000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:23:25+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.0.13 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33120"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:5fdcc9c7b6ff9b4b099713c4d549128c12b335fb0c28154f631ba3e9f99c8f52_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c1e04b361c355bb1d5f44a57dc041158eef59eb83f831a4d6413b00298af79d2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:c77f3dcf9aef74e532505742c538ae46e3eb569cd72398736d476dba197aa1ed_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:ec5f07a3b10e44e9300eb7d62cfc0d1d31833ab72c12f5815ff0542b81624b7c_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:42493d19383ead956b26476cc20dfa6c328bbdb5a4f40ba5be32f8f87ede33d4_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d80beaa628f568236255e1970ffcfff668ee23faf97f532e881b0025f98111d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b994454b076fda08a36d4d949545d6d80229c9345a00f59d04ccbab41ef54066_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bb734ae567ad77fd92f44c3d226055055a8c990b8123db23386149f418e68f04_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0dbe0cdb02314a8a78dca02557441f9b99ab3bcd93157c17dbbb81f5cbc8eb81_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:a6f4f1a5fa8fa84fd7850e17dfbe1837ea35fe636385f3dfcd63a3ecb975b410_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:e71fa71c7203561946e9f0038eaad69957c9717b34abc60fcd4044e1f64417b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:ee26949de4dce15bc35847d8f361c507fb852d9f006eaabd07a344f3c56856f9_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:30e125ba97b545946ce958d62acfa95a095baecae5dfa80a44617a44e22633e8_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a1c134048c73b0ba902974f0515938902de93b0c3b32f0cc91fb8a6f45706629_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:bdf16979b6650d9016b07c0dfab4b75e727234755a7c0d9beb1230c98d313dff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:f473fa7b227648c66af6f54c728d8b42af3ceb1dcfca21c295f2e2af36dd31b7_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:138e739ebd61c7b1b47f0056d7b9a889a6368529e7fca3cb755c7b40be65df2c_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d92ddc988d165e8e2b66e017a8cbd1ac1ee7fc91caaacec62bfcedce1c3f2b3_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:919e44a19dafe3670f6431be3aa01bf7bfebfdeacac5c3882cd9c8e2e4905516_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e24864eb5b3285151c6a59f9f35a097467458ff21f0831be5178d3f74910b822_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:38ca5e774bac8287a27dc4af5b4f015fa1a3e2bcc1618c97e642a5ff4ab66982_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6d607b4aac9562b1401b33c9dc4d496ec13c75d765bf426e11bcf4fa5769a056_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70dc18e5444c2ebc7c0b77740d0083de9d4e139f45e59292ae1edd48a518d8af_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e1644b7694bf252a2e220773f811e5ae7f83c2c0c1885ff7c3a2f471cab33ed1_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:19ead4f64970ea27823756dd4e0e55215c8787c4d5d923cde8e4c8345dc013c5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing"
}
]
}
RHSA-2026:33123
Vulnerability from csaf_redhat - Published: 2026-06-29 14:40 - Updated: 2026-07-07 18:58A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64 | — |
Workaround
|
A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64 | — |
Workaround
|
A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64 | — |
Workaround
|
A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh 3.1.10\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh 3.1.10, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.\n\nSecurity Fix(es):\n\n* CVE-2026-39820 openshift-golang-builder-container: Go net/mail: Denial of Service via crafted email inputs (OSSM-14266)\n* CVE-2026-42499 openshift-golang-builder-container: net/mail: Denial of Service via pathological email address parsing (OSSM-14501)\n* CVE-2026-33814 openshift-golang-builder-container: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame (OSSM-14549)\n* CVE-2026-33811 openshift-golang-builder-container: Go net package: Denial of Service via long CNAME response in LookupCNAME (OSSM-14562)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:33123",
"url": "https://access.redhat.com/errata/RHSA-2026:33123"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33814",
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39820",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42499",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33123.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.10",
"tracking": {
"current_release_date": "2026-07-07T18:58:36+00:00",
"generator": {
"date": "2026-07-07T18:58:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:33123",
"initial_release_date": "2026-06-29T14:40:31+00:00",
"revision_history": [
{
"date": "2026-06-29T14:40:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-29T14:40:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-07T18:58:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.1",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-sail-operator-bundle@sha256%3A0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle\u0026tag=1782301303"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222163"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222367"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222451"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Ade940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223138"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782222394"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9\u0026tag=1782223665"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222163"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222367"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222451"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223138"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Ab6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782222394"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Aa09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9\u0026tag=1782223665"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222163"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3Ac2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222367"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Ad613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222451"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223138"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782222394"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9\u0026tag=1782223665"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782222163"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222367"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222451"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Aa6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782223138"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782222394"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Ace2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9\u0026tag=1782223665"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:40:31+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.10 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33123"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-33814",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:11.324941+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important denial of service flaw in the Go HTTP/2 protocol implementation allows a remote, unauthenticated attacker to exhaust system resources. By sending a specially crafted HTTP/2 SETTINGS frame with a zero-value SETTINGS_MAX_FRAME_SIZE, the vulnerable Go library enters an infinite loop, impacting the availability of services utilizing HTTP/2.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "RHBZ#2467815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33814",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33814"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814"
},
{
"category": "external",
"summary": "https://go.dev/cl/761581",
"url": "https://go.dev/cl/761581"
},
{
"category": "external",
"summary": "https://go.dev/cl/761640",
"url": "https://go.dev/cl/761640"
},
{
"category": "external",
"summary": "https://go.dev/issue/78476",
"url": "https://go.dev/issue/78476"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4918",
"url": "https://pkg.go.dev/vuln/GO-2026-4918"
}
],
"release_date": "2026-05-07T19:41:17.631000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:40:31+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.10 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33123"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame"
},
{
"cve": "CVE-2026-39820",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:27.800929+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net/mail` package. Applications processing untrusted email inputs via `ParseAddress`, `ParseAddressList`, or `ParseDate` functions are susceptible to excessive resource consumption, which can lead to service unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "RHBZ#2467820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://go.dev/cl/759940",
"url": "https://go.dev/cl/759940"
},
{
"category": "external",
"summary": "https://go.dev/issue/78566",
"url": "https://go.dev/issue/78566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4986",
"url": "https://pkg.go.dev/vuln/GO-2026-4986"
}
],
"release_date": "2026-05-07T19:41:19.854000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:40:31+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.10 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33123"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs"
},
{
"cve": "CVE-2026-42499",
"cwe": {
"id": "CWE-1046",
"name": "Creation of Immutable Text Using String Concatenation"
},
"discovery_date": "2026-05-07T20:00:51.685602+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `net/mail` package of the Go standard library. A remote attacker can exploit this flaw by sending specially crafted email addresses, leading to excessive resource consumption and a denial of service in Go applications that parse email addresses using the affected library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "RHBZ#2467809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42499"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://go.dev/cl/771520",
"url": "https://go.dev/cl/771520"
},
{
"category": "external",
"summary": "https://go.dev/issue/78987",
"url": "https://go.dev/issue/78987"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4977",
"url": "https://pkg.go.dev/vuln/GO-2026-4977"
}
],
"release_date": "2026-05-07T19:41:18.615000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:40:31+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.10 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33123"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:2213bdf2e395c942887e916b0604dd177f3c7b25919a8fa6c4ea2246b33087ca_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:3720b37fb6276ee8ebb7eacf59caa30e303a36a757146933c778ef66829a6d27_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:a09a41cc17d7d83ceea7eb1f4761194e302fbef0325ad05f5f341535e00ac6a0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:ce2f97fff855fe6a546e7015f81e30f5fc20b6cd59aa5ab3703f1ffbd89de276_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:04babebfba688f27d328a068ab6400442a1c059961483ebef56e96af7f094ae6_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1718f2b90cf50dd2b4d3162f29d19ae82efecacee33c9e5583251acae57e389f_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:5b60802e90debcd63790368760a2283ac2c874eb18b3c270df53ab71d907ec1c_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9ed06b503616ee74cc30fcec3793c4f6ab080d0132237175734c1a83f220b837_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:0300747fe88b9256e01f3830c8ddf9b3583fc6911dabb1063f395c05b81b19e9_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2c6db06b9ea300fd25473da01aa7ccd4768ef7966a55d96091727145839db03e_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:99b40adc7b0cdab81288fecedce9a71aa98e49163cd665e2f951db9ab2cfa8bd_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c2afde700f563fde9412de96b31ec90edd4677ef2d7c8934ce2f8e91cdceca71_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:40efc5f922847ee8272c66934730e638ff4216708e304e37d166e172ade10255_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7b57f5b93ad04fa8d55d652e9b0cca942d80bd0bd0d29f6da1325608d2476bb5_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a6eda970e4a56fc34858e356671cb4e2defaa2bc8f4ddeb93a8e7c3ec9bbce19_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:de940211055c70dd42db84044096345fa0b8e49ecaa968586ce54b90c9ede4f6_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:370f34f3ffdf2508cf14cc6e05764b28c2407899c413f288ed3627aa8bf48810_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7ebb308e017b844f85ba952aaac5fec604ff88104249598e2b1c2025428ef425_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:8ab1314ba3c45788ef412d7f2fb2fc4c3de9ab3b9f91be9d9a84db4649cf6ad3_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b6569533c9414806ff1dc7011a88ff8162f31c16466d5aeab8991ff1f48e4a87_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:10ecb4096705a66cba0a6994b52abb04e404f1eeb2f262663de053efe5735068_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:77b4cba5e3affb9261f58a0b86daf2e17d7fa3a9420886b08e5a8cf8da40d1cc_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:9721a32e358596f67ec05736862a7cf929ae9a2593318fe7e5cb5e63ecbb8d68_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d613f9f4b1584e28cfe729e069fb768b447091db285a98ee9c6833fb0573d566_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:0666c45bb1d292fa1170bd7640ba1e982c70f9cf4caeedd97ee9de22dbc16dfd_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing"
}
]
}
RHSA-2026:33142
Vulnerability from csaf_redhat - Published: 2026-06-29 14:56 - Updated: 2026-07-07 18:58A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x | — |
Workaround
|
A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x | — |
Workaround
|
A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x | — |
Workaround
|
A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh 3.2.7\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh 3.2.7, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.\nSecurity Fix(es):\n\n* CVE-2026-39820 openshift-golang-builder-container: Go net/mail: Denial of Service via crafted email inputs (OSSM-14267)\n* CVE-2026-33814 openshift-golang-builder-container: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame (OSSM-14551)\n* CVE-2026-42499 openshift-golang-builder-container: net/mail: Denial of Service via pathological email address parsing (OSSM-14499)\n* CVE-2026-33811 openshift-golang-builder-container: Go net package: Denial of Service via long CNAME response in LookupCNAME (OSSM-14566)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:33142",
"url": "https://access.redhat.com/errata/RHSA-2026:33142"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33814",
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39820",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42499",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33142.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.2.7",
"tracking": {
"current_release_date": "2026-07-07T18:58:37+00:00",
"generator": {
"date": "2026-07-07T18:58:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:33142",
"initial_release_date": "2026-06-29T14:56:08+00:00",
"revision_history": [
{
"date": "2026-06-29T14:56:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-29T14:56:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-07T18:58:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.2",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-sail-operator-bundle@sha256%3Acbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle\u0026tag=1782310795"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782226178"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3Ac489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782225149"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Ae2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782224541"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782224487"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Ad7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782303211"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9\u0026tag=1782225516"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782226178"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782225149"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Afc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782224541"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782224487"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782303211"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Af91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9\u0026tag=1782225516"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3Ae846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782226178"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782225149"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782224541"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782224487"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782303211"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Ae4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9\u0026tag=1782225516"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3Addbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782226178"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782225149"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782224541"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782224487"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Aad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782303211"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Afab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9\u0026tag=1782225516"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:56:08+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.2.7 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33142"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-33814",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:11.324941+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important denial of service flaw in the Go HTTP/2 protocol implementation allows a remote, unauthenticated attacker to exhaust system resources. By sending a specially crafted HTTP/2 SETTINGS frame with a zero-value SETTINGS_MAX_FRAME_SIZE, the vulnerable Go library enters an infinite loop, impacting the availability of services utilizing HTTP/2.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "RHBZ#2467815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33814",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33814"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814"
},
{
"category": "external",
"summary": "https://go.dev/cl/761581",
"url": "https://go.dev/cl/761581"
},
{
"category": "external",
"summary": "https://go.dev/cl/761640",
"url": "https://go.dev/cl/761640"
},
{
"category": "external",
"summary": "https://go.dev/issue/78476",
"url": "https://go.dev/issue/78476"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4918",
"url": "https://pkg.go.dev/vuln/GO-2026-4918"
}
],
"release_date": "2026-05-07T19:41:17.631000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:56:08+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.2.7 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33142"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame"
},
{
"cve": "CVE-2026-39820",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:27.800929+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net/mail` package. Applications processing untrusted email inputs via `ParseAddress`, `ParseAddressList`, or `ParseDate` functions are susceptible to excessive resource consumption, which can lead to service unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "RHBZ#2467820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://go.dev/cl/759940",
"url": "https://go.dev/cl/759940"
},
{
"category": "external",
"summary": "https://go.dev/issue/78566",
"url": "https://go.dev/issue/78566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4986",
"url": "https://pkg.go.dev/vuln/GO-2026-4986"
}
],
"release_date": "2026-05-07T19:41:19.854000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:56:08+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.2.7 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33142"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs"
},
{
"cve": "CVE-2026-42499",
"cwe": {
"id": "CWE-1046",
"name": "Creation of Immutable Text Using String Concatenation"
},
"discovery_date": "2026-05-07T20:00:51.685602+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `net/mail` package of the Go standard library. A remote attacker can exploit this flaw by sending specially crafted email addresses, leading to excessive resource consumption and a denial of service in Go applications that parse email addresses using the affected library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "RHBZ#2467809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42499"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://go.dev/cl/771520",
"url": "https://go.dev/cl/771520"
},
{
"category": "external",
"summary": "https://go.dev/issue/78987",
"url": "https://go.dev/issue/78987"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4977",
"url": "https://pkg.go.dev/vuln/GO-2026-4977"
}
],
"release_date": "2026-05-07T19:41:18.615000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T14:56:08+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.2.7 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33142"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:6361c72a416f9c526cb8bd5302a09576ecb42783b5463373b4e1a156a853e7c7_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:9f1288a84d733a35b614799b089d7387eb531d93a74a6c3c000050f25c02e118_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:ddbadeeccbdf5d5790fe0b0d1f73c20a076c78abf4a3b772cb3a659da1cb498e_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:e846c7a3249d9adde4fe726ea014a9baeda40ac77682956d2eb7a7d0b98d44b2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:532913386d1d87491af0103aaa5864f7a6c49b1102b797d3ee1abf9fdd30f6af_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:654aaa8fed47874eab09983497f3e8ca68c585f1d571b7cb16e74456d0507a1b_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:7c8176fdbaa174d3e63d19a1b3ff87265b933222001b93e48c727b803e57cf65_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c489a0307f63b00c751076a2094965e6abb4156ab699fe6f7a3cacba4a21584c_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:2c856d274a80d96a0baf6637fb8d80de3c8ab4b33e81dd0010f8ba2322dde6e2_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:52faa002893296c093bb9a54b83fdb32e0ff51bbec06cea798eb90fe6c3ef248_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:61a9860dfcda26edb8b93c43f21c9e02e2d3cd77b38796be02757df310bb8ac5_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:76b3c3919d3568cc0d89f7c856ed8a2375e30a31d7a951b9f314c13b832b1f7d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:009aeda3bde6e5594ba93e4fbf40c6016847e7b43662a6116a27525a3156053e_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:11c730544a9bb63c8904584852b72258e72d27490f7e3d81563de58472dda1a9_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:ad1307ea51df6499586f5bca6f199eba0ed210c0c92cb956dc369c260bc2365f_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:d7701c740d3dfd0a09779d16959d6f152f833e0412e596b814a1aa59fe786375_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:4daa21ee08d85e5e730e2b58505921432b0dea68d9070657c0056dad1a811cad_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:70b467c190151f56fb06e8f1dcf310df9df814c7385bcfd445f7fba632a67a02_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:e2631180cdd17b45eada7b7bc819a11820c579e99f752591ba436738cbc68e65_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:fc1ade41eb326612cfb20663acc42544138b26aa139b0c34672f7a41913ab772_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:cbd159ca7efa82158770d4d2c77ef594f3abe09eb15af211af310183b70e0b39_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:3e87bd8143a3c855ff49c81de4659f1543778ba14c84cde5be25c266ad9f662a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:e4112975c38998a87442a638362137ae09e1d37ff5223646c0e1b5d0fa23f35b_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f91bcf707e6e9124f82b85349909a34b95feacaa429b9b7c56e78c391f87211d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:fab818bf0fb122eddbf2180491168661a70c709f6aaaaf3fac78595d0cc0a13e_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing"
}
]
}
RHSA-2026:33150
Vulnerability from csaf_redhat - Published: 2026-06-29 15:29 - Updated: 2026-07-07 18:58A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le | — |
Workaround
|
A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le | — |
Workaround
|
A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le | — |
Workaround
|
A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh 3.3.5\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh 3.3.5, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.\n\nSecurity Fix(es):\n\n* CVE-2026-39820 openshift-golang-builder-container: Go net/mail: Denial of Service via crafted email inputs (OSSM-14270)\n* CVE-2026-42499 openshift-golang-builder-container: net/mail: Denial of Service via pathological email address parsing (OSSM-14502)\n* CVE-2026-33814 openshift-golang-builder-container: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame (OSSM-14547)\n* CVE-2026-33811 openshift-golang-builder-container: Go net package: Denial of Service via long CNAME response in LookupCNAME (OSSM-14565)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:33150",
"url": "https://access.redhat.com/errata/RHSA-2026:33150"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33814",
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39820",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42499",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33150.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.3.5",
"tracking": {
"current_release_date": "2026-07-07T18:58:37+00:00",
"generator": {
"date": "2026-07-07T18:58:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:33150",
"initial_release_date": "2026-06-29T15:29:11+00:00",
"revision_history": [
{
"date": "2026-06-29T15:29:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-29T15:29:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-07T18:58:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.3",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.3::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-sail-operator-bundle@sha256%3Ae5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle\u0026tag=1782315701"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3Ac4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782223045"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222206"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222038"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782222366"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782310747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9\u0026tag=1782222723"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3Ab49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782223045"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222206"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222038"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Ad7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782222366"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Ab526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782310747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Ac15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9\u0026tag=1782222723"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782223045"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222206"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Aca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222038"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Aef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782222366"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782310747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Af26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9\u0026tag=1782222723"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel9\u0026tag=1782223045"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9\u0026tag=1782222206"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Aed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel9-operator\u0026tag=1782222038"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Ab8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9\u0026tag=1782222366"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Aa6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9\u0026tag=1782310747"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9\u0026tag=1782222723"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T15:29:11+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.3.5 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33150"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-33814",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:11.324941+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important denial of service flaw in the Go HTTP/2 protocol implementation allows a remote, unauthenticated attacker to exhaust system resources. By sending a specially crafted HTTP/2 SETTINGS frame with a zero-value SETTINGS_MAX_FRAME_SIZE, the vulnerable Go library enters an infinite loop, impacting the availability of services utilizing HTTP/2.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "RHBZ#2467815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33814",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33814"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33814"
},
{
"category": "external",
"summary": "https://go.dev/cl/761581",
"url": "https://go.dev/cl/761581"
},
{
"category": "external",
"summary": "https://go.dev/cl/761640",
"url": "https://go.dev/cl/761640"
},
{
"category": "external",
"summary": "https://go.dev/issue/78476",
"url": "https://go.dev/issue/78476"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4918",
"url": "https://pkg.go.dev/vuln/GO-2026-4918"
}
],
"release_date": "2026-05-07T19:41:17.631000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T15:29:11+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.3.5 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33150"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame"
},
{
"cve": "CVE-2026-39820",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:27.800929+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net/mail` package. Applications processing untrusted email inputs via `ParseAddress`, `ParseAddressList`, or `ParseDate` functions are susceptible to excessive resource consumption, which can lead to service unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "RHBZ#2467820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://go.dev/cl/759940",
"url": "https://go.dev/cl/759940"
},
{
"category": "external",
"summary": "https://go.dev/issue/78566",
"url": "https://go.dev/issue/78566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4986",
"url": "https://pkg.go.dev/vuln/GO-2026-4986"
}
],
"release_date": "2026-05-07T19:41:19.854000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T15:29:11+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.3.5 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33150"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs"
},
{
"cve": "CVE-2026-42499",
"cwe": {
"id": "CWE-1046",
"name": "Creation of Immutable Text Using String Concatenation"
},
"discovery_date": "2026-05-07T20:00:51.685602+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `net/mail` package of the Go standard library. A remote attacker can exploit this flaw by sending specially crafted email addresses, leading to excessive resource consumption and a denial of service in Go applications that parse email addresses using the affected library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "RHBZ#2467809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42499"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://go.dev/cl/771520",
"url": "https://go.dev/cl/771520"
},
{
"category": "external",
"summary": "https://go.dev/issue/78987",
"url": "https://go.dev/issue/78987"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4977",
"url": "https://pkg.go.dev/vuln/GO-2026-4977"
}
],
"release_date": "2026-05-07T19:41:18.615000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-29T15:29:11+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.3.5 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33150"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:33b95627674ae3c2c861b608ed1774eebf0fb935ac68252607a47f85d08b2e9e_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:80ec849e60eea36fac738606f21f7913b58c73adad65ea90f28c85322825d834_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:b49f1a001e39eda43e5663f883497795115033e4f9244ddfe2eb0157c108f8e4_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:c4540d0958efbefb455276b66e2eefc857c0a081f62ae5d2fedaca4194b54af5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2782bb9a9ef969484a11457d74cf601c269b40ee04443c9971dce2f3991f8f84_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:45bcc823540a2b4a733d5e62d21add913355757eb9fe7e98c3c0abe367ff0fce_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:500bdbe8258d40029f4b01cb59db71a631cd334601ba9398ac66b68fe13e7202_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:84ad0a9408aa3f3aafb2ee2cae236cba9099a348df038c70f4bc2612d752c21b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:92457a690fbc08e28e12fd27a9496eb96d7ebaeb2d020c37b85aa6b9e4c118b0_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b8296fd78c18bd81fb337551e3535a89ddef292673bb96e3aa7ea7934ebc8f04_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:d7af5398b0e60a6531627a2a58bde371e83448eed320a7965904a574d8e0b085_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:ef1aecb6e0f4e3adb6e402dd6c9ad67fbc1a2788f1e5beb6ccae325428780018_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:19b2d80d3968aa8dd004a5928b43ef741e62c1f5991923ac9d0e6a529264205c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9f5b9a1c78a9c66f4f1234b1dc5d5c607b08ca376a7fe5189ba30e3552797435_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a6f021e3e71117be6d033874e5c84bca7e13beed284259bf2398e36759740e13_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:b526221d3897f33a9bf621c0f73d772d2982856b70bcbda107cf1a644b30562e_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:16e423afb75103bd669214d1b1290a518ce5fb6c892dec4146720bbcf83baa73_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:67d00b75ead6bae7ff671f10446f292a5db5437ff99e4d59635330de8ab7002c_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ca2402ccdb16d77237bd8e60553dcac65f8345d70b5b20815039f954543713d7_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:ed825173015eac1018f157365defbac336f4d791ca5133e992abd17c9f153c67_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:e5045fa856fea16678dde8489381e393028a79dd23b2d479ada0396248eec546_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:402493b3158a8bb9e3fd173ebd101c404a68c7a07e5176a9b70fa3e7ee9c1187_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:6a851b3cd3c201a1e2a8ddea7c21fc1c7d5845fe73c0ca5b902a72a1585d2132_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:c15c43a0719287a27aa75e3391e4e1fb96c1aa69e2982b34a0a98f99d23b6fd9_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:f26bf9d900f0682660af10575c78fbb6aa7cf7bb8287f8aef4461e5add63409c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing"
}
]
}
RHSA-2026:33574
Vulnerability from csaf_redhat - Published: 2026-06-30 15:00 - Updated: 2026-07-07 18:57A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
A flaw was found in json-2-csv. An attacker can bypass the `preventCsvInjection` option to inject malicious formulas into CSV (Comma Separated Values) files. When these manipulated CSV files are opened in spreadsheet applications, the injected formulas can execute, potentially leading to arbitrary code execution or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in the `crypto/x509` package of `golang`. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by presenting a specially crafted X.509 certificate with a large number of DNS Subject Alternative Name (SAN) entries. The certificate verification process, specifically the `VerifyHostname` function, incurs excessive computational overhead due to repeated string operations when processing these entries. This can lead to a significant performance degradation or unresponsiveness of systems validating such certificates.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application's core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution "Gadget" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in ip-address, a JavaScript library for parsing and manipulating IPv4 and IPv6 addresses. This vulnerability allows a remote attacker to perform cross-site scripting (XSS) by providing untrusted input to the Address6 constructor. When an application renders the output of Address6.group(), Address6.link(), or the AddressError.parseMessage as HTML without proper escaping, the attacker-controlled content can be executed in the user's browser.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client, specifically in its Node.js HTTP adapter. When Axios is configured to use an authenticated proxy and follows a redirect, it may inadvertently send the Proxy-Authorization header, containing proxy credentials, to the redirect target. This can lead to the disclosure of sensitive proxy credentials to an unintended remote server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in Axios. During specific proxy-to-direct redirect flows in the Node.js HTTP adapter, a remote attacker could exploit this vulnerability. The Proxy-Authorization header, which contains proxy credentials and is intended only for the outbound proxy, may be forwarded to the final redirected origin. This can lead to the disclosure of sensitive proxy credentials to an unintended third party.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. When using the fetch adapter, Axios did not properly enforce configured request and response size limits. This vulnerability allows a remote attacker, through a malicious or compromised server, or by supplying a large data URL, to send or receive oversized data bodies. This can lead to resource exhaustion in server-side applications, resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not properly normalize IPv4-mapped IPv6 addresses. When a NO_PROXY setting is configured to block direct access to specific IPv4 addresses, an attacker can bypass this restriction by using the IPv4-mapped IPv6 form of the address in a request URL. This allows the request to be routed through the proxy, potentially exposing internal services or sensitive information that should otherwise be inaccessible.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in Axios. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to escalate any existing Object.prototype pollution in an application's dependency tree into a full Man-in-the-Middle (MITM) attack. This enables the attacker to intercept, read, and modify all HTTP traffic, including sensitive authentication credentials. The flaw occurs because the `config.proxy` setting is susceptible to prototype pollution, allowing an attacker to inject a malicious proxy server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. This vulnerability involves prototype pollution gadgets in the request configuration processing. If another vulnerability has already polluted the Object.prototype.transformResponse, affected Axios versions may incorrectly interpret this inherited value as part of the request configuration or as an option validator. Axios does not itself create the prototype pollution. Exploitability requires a separate prototype-pollution vulnerability or equivalent attacker control over Object.prototype before Axios creates a request.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in systeminformation, a Node.js library. This vulnerability allows a local attacker on Linux to inject arbitrary commands. This occurs when an active NetworkManager connection profile name contains shell metacharacters, which are not properly sanitized before being used in shell commands. Successful exploitation can lead to arbitrary code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in ws, an open source WebSocket client and server for Node.js. The `websocket.close()` implementation is vulnerable to uninitialized memory disclosure when a `TypedArray` is passed as the reason argument. This can lead to the disclosure of sensitive information from uninitialized memory.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. A remote attacker can exploit this vulnerability by combining specific Buffer function calls and Node.js's ERR_INVALID_ARG_TYPE error. This allows the attacker to obtain the host's TypeError constructor, leading to an escape from the sandbox. Consequently, this enables attackers to run arbitrary code on the host system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. An attacker within the sandbox could exploit incomplete symbol interception and missing security checks to gain control over the host system. This could allow the attacker to execute arbitrary code outside the sandbox environment, leading to a complete compromise of the host.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. A remote attacker could bypass a security check designed to prevent the combination of nested environments and disabled module loading. This bypass occurs because a strict equality check for the `require` option can be circumvented by simply omitting the option, leading to an unintended configuration. Successful exploitation of this vulnerability could allow an attacker to escape the sandbox and achieve arbitrary code execution on the host system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in vm2, a Node.js sandbox. This vulnerability allows sandboxed code to bypass network restrictions by utilizing internal HTTP built-ins, such as _http_client and _http_server. An attacker can exploit this to make outbound HTTP requests or open listening HTTP sockets, even when public network modules are explicitly denied. This could lead to unauthorized information disclosure or further compromise of the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. This vulnerability allows sandboxed code to bypass intended security restrictions by exploiting missing entries in the denylist for dangerous Node.js built-in functions, specifically `process` and `inspector/promises`. A remote attacker can leverage this to execute arbitrary code in the host process, leading to a complete compromise of the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. Prior to version 3.11.4, NodeVM, a component of vm2, improperly exposed certain process-wide observability builtins, such as diagnostics_channel, async_hooks, and perf_hooks. These builtins, which are designed for monitoring and debugging, were not adequately blocked by the dangerous builtin denylist. This oversight allowed sandboxed code to observe sensitive host application data, leading to information disclosure across the vm2 security boundary.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. This vulnerability allows an attacker to escape the sandbox environment by writing malicious code. Successful exploitation can lead to arbitrary code execution on the host system, compromising the integrity and confidentiality of the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. This vulnerability allows an attacker to bypass security restrictions by writing dangerous cross-realm Symbol keys to host objects. This can lead to a compromise of the integrity of the host system, potentially enabling arbitrary code execution within the Node.js environment. The issue stems from the BaseHandler.set trap in bridge.js, which incorrectly writes to the host target object even when inherited property assignments should create an own property on the receiver.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
A flaw was found in ws, an open source WebSocket client and server. A remote attacker can exploit this memory exhaustion vulnerability by sending a high volume of exceptionally small fragments and data chunks. This action forces the affected component to allocate and hold structural wrappers that consume excessive memory. Consequently, this leads to process termination and a denial of service (DoS) for the remote peer.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Developer Hub 1.9.6 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Developer Hub (RHDH) is Red Hat\u0027s enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:33574",
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27145",
"url": "https://access.redhat.com/security/cve/CVE-2026-27145"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39820",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42033",
"url": "https://access.redhat.com/security/cve/CVE-2026-42033"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42035",
"url": "https://access.redhat.com/security/cve/CVE-2026-42035"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42039",
"url": "https://access.redhat.com/security/cve/CVE-2026-42039"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42041",
"url": "https://access.redhat.com/security/cve/CVE-2026-42041"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42043",
"url": "https://access.redhat.com/security/cve/CVE-2026-42043"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42044",
"url": "https://access.redhat.com/security/cve/CVE-2026-42044"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42338",
"url": "https://access.redhat.com/security/cve/CVE-2026-42338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42499",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44486",
"url": "https://access.redhat.com/security/cve/CVE-2026-44486"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44487",
"url": "https://access.redhat.com/security/cve/CVE-2026-44487"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44488",
"url": "https://access.redhat.com/security/cve/CVE-2026-44488"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44492",
"url": "https://access.redhat.com/security/cve/CVE-2026-44492"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44494",
"url": "https://access.redhat.com/security/cve/CVE-2026-44494"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44495",
"url": "https://access.redhat.com/security/cve/CVE-2026-44495"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44496",
"url": "https://access.redhat.com/security/cve/CVE-2026-44496"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44724",
"url": "https://access.redhat.com/security/cve/CVE-2026-44724"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-45736",
"url": "https://access.redhat.com/security/cve/CVE-2026-45736"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47131",
"url": "https://access.redhat.com/security/cve/CVE-2026-47131"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47135",
"url": "https://access.redhat.com/security/cve/CVE-2026-47135"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47137",
"url": "https://access.redhat.com/security/cve/CVE-2026-47137"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47139",
"url": "https://access.redhat.com/security/cve/CVE-2026-47139"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47140",
"url": "https://access.redhat.com/security/cve/CVE-2026-47140"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47141",
"url": "https://access.redhat.com/security/cve/CVE-2026-47141"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47208",
"url": "https://access.redhat.com/security/cve/CVE-2026-47208"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47209",
"url": "https://access.redhat.com/security/cve/CVE-2026-47209"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-48779",
"url": "https://access.redhat.com/security/cve/CVE-2026-48779"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9277",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9673",
"url": "https://access.redhat.com/security/cve/CVE-2026-9673"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh",
"url": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh"
},
{
"category": "external",
"summary": "https://developers.redhat.com/rhdh/overview",
"url": "https://developers.redhat.com/rhdh/overview"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_developer_hub",
"url": "https://docs.redhat.com/en/documentation/red_hat_developer_hub"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-3081",
"url": "https://issues.redhat.com/browse/RHDHBUGS-3081"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-3369",
"url": "https://issues.redhat.com/browse/RHDHBUGS-3369"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13319",
"url": "https://issues.redhat.com/browse/RHIDP-13319"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13408",
"url": "https://issues.redhat.com/browse/RHIDP-13408"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13446",
"url": "https://issues.redhat.com/browse/RHIDP-13446"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13451",
"url": "https://issues.redhat.com/browse/RHIDP-13451"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13457",
"url": "https://issues.redhat.com/browse/RHIDP-13457"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13488",
"url": "https://issues.redhat.com/browse/RHIDP-13488"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13966",
"url": "https://issues.redhat.com/browse/RHIDP-13966"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14572",
"url": "https://issues.redhat.com/browse/RHIDP-14572"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14597",
"url": "https://issues.redhat.com/browse/RHIDP-14597"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14703",
"url": "https://issues.redhat.com/browse/RHIDP-14703"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14733",
"url": "https://issues.redhat.com/browse/RHIDP-14733"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14735",
"url": "https://issues.redhat.com/browse/RHIDP-14735"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14736",
"url": "https://issues.redhat.com/browse/RHIDP-14736"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14738",
"url": "https://issues.redhat.com/browse/RHIDP-14738"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14740",
"url": "https://issues.redhat.com/browse/RHIDP-14740"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14743",
"url": "https://issues.redhat.com/browse/RHIDP-14743"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14744",
"url": "https://issues.redhat.com/browse/RHIDP-14744"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14831",
"url": "https://issues.redhat.com/browse/RHIDP-14831"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14835",
"url": "https://issues.redhat.com/browse/RHIDP-14835"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14837",
"url": "https://issues.redhat.com/browse/RHIDP-14837"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14895",
"url": "https://issues.redhat.com/browse/RHIDP-14895"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14936",
"url": "https://issues.redhat.com/browse/RHIDP-14936"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14937",
"url": "https://issues.redhat.com/browse/RHIDP-14937"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14939",
"url": "https://issues.redhat.com/browse/RHIDP-14939"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14941",
"url": "https://issues.redhat.com/browse/RHIDP-14941"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-14943",
"url": "https://issues.redhat.com/browse/RHIDP-14943"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-15033",
"url": "https://issues.redhat.com/browse/RHIDP-15033"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-15039",
"url": "https://issues.redhat.com/browse/RHIDP-15039"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-15042",
"url": "https://issues.redhat.com/browse/RHIDP-15042"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-15067",
"url": "https://issues.redhat.com/browse/RHIDP-15067"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-15073",
"url": "https://issues.redhat.com/browse/RHIDP-15073"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-15145",
"url": "https://issues.redhat.com/browse/RHIDP-15145"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33574.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Developer Hub 1.9.6 release.",
"tracking": {
"current_release_date": "2026-07-07T18:57:33+00:00",
"generator": {
"date": "2026-07-07T18:57:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:33574",
"initial_release_date": "2026-06-30T15:00:33+00:00",
"revision_history": [
{
"date": "2026-06-30T15:00:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-30T15:00:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-07T18:57:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Developer Hub 1.9",
"product": {
"name": "Red Hat Developer Hub 1.9",
"product_id": "Red Hat Developer Hub 1.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhdh:1.9::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Developer Hub"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-hub-rhel9@sha256%3A044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c?arch=amd64\u0026repository_url=registry.redhat.io/rhdh/rhdh-hub-rhel9\u0026tag=1782761244"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-rhel9-operator@sha256%3A219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785?arch=amd64\u0026repository_url=registry.redhat.io/rhdh/rhdh-rhel9-operator\u0026tag=1782767215"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-operator-bundle@sha256%3A66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893?arch=amd64\u0026repository_url=registry.redhat.io/rhdh/rhdh-operator-bundle\u0026tag=1782772967"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64 as a component of Red Hat Developer Hub 1.9",
"product_id": "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64 as a component of Red Hat Developer Hub 1.9",
"product_id": "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64 as a component of Red Hat Developer Hub 1.9",
"product_id": "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-9277",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-05-22T14:01:14.427751+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "RHBZ#2480741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote",
"url": "https://github.com/ljharb/shell-quote"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/commit/1518179",
"url": "https://github.com/ljharb/shell-quote/commit/1518179"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p",
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/shell-quote",
"url": "https://www.npmjs.com/package/shell-quote"
}
],
"release_date": "2026-05-22T13:22:38.873000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators"
},
{
"cve": "CVE-2026-9673",
"cwe": {
"id": "CWE-1236",
"name": "Improper Neutralization of Formula Elements in a CSV File"
},
"discovery_date": "2026-05-28T06:01:00.245616+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2482486"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in json-2-csv. An attacker can bypass the `preventCsvInjection` option to inject malicious formulas into CSV (Comma Separated Values) files. When these manipulated CSV files are opened in spreadsheet applications, the injected formulas can execute, potentially leading to arbitrary code execution or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json-2-csv: json-2-csv: CSV Injection vulnerability allows arbitrary code execution via `preventCsvInjection` bypass.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Moderate vulnerability in `json-2-csv` allows for CSV Injection due to a bypass in the `preventCsvInjection` option. While exploitation requires a user to open a specially crafted CSV file in a spreadsheet application, successful attacks could lead to arbitrary code execution or information disclosure. This affects Red Hat Developer Hub and Red Hat Ansible Automation Platform when processing untrusted data that is subsequently exported to CSV and opened by a user.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9673"
},
{
"category": "external",
"summary": "RHBZ#2482486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482486"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9673",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9673"
},
{
"category": "external",
"summary": "https://gist.github.com/whoamins/299745a2d36b482b44e9613b78e40613",
"url": "https://gist.github.com/whoamins/299745a2d36b482b44e9613b78e40613"
},
{
"category": "external",
"summary": "https://github.com/mrodrig/json-2-csv/blob/main/src/json2csv.ts%23L410",
"url": "https://github.com/mrodrig/json-2-csv/blob/main/src/json2csv.ts%23L410"
},
{
"category": "external",
"summary": "https://github.com/mrodrig/json-2-csv/commit/0fdd0bb6d0273178cd940afc323ccbce19688229",
"url": "https://github.com/mrodrig/json-2-csv/commit/0fdd0bb6d0273178cd940afc323ccbce19688229"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-JSON2CSV-14221326",
"url": "https://security.snyk.io/vuln/SNYK-JS-JSON2CSV-14221326"
}
],
"release_date": "2026-05-28T05:00:02.387000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "json-2-csv: json-2-csv: CSV Injection vulnerability allows arbitrary code execution via `preventCsvInjection` bypass."
},
{
"cve": "CVE-2026-27145",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-06-02T23:01:08.992540+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2484207"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/x509` package of `golang`. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by presenting a specially crafted X.509 certificate with a large number of DNS Subject Alternative Name (SAN) entries. The certificate verification process, specifically the `VerifyHostname` function, incurs excessive computational overhead due to repeated string operations when processing these entries. This can lead to a significant performance degradation or unresponsiveness of systems validating such certificates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw was found in the Go standard library crypto/x509 package. When verifying a TLS certificate hostname, VerifyHostname processed each DNS Subject Alternative Name (SAN) entry in a loop and repeatedly split the candidate hostname on \".\" characters. For certificates with a very large DNS SAN list, CPU use could grow quadratically with the number of SAN entries and hostname labels. Because hostname verification runs before the certificate chain is built, this overhead can occur even when the certificate is not trusted.\n\nRed Hat rates this issue as Important. It affects Red Hat products that include the Go standard library crypto/x509 code from an affected Go toolchain version (before Go 1.25.11, or from Go 1.26.0 through Go 1.26.3). Applications and container images built with a fixed Go release (1.25.11 or later, or 1.26.4 or later) are not affected. Community distributions such as Fedora are also affected.\n\nUpstream fix: Go 1.25.11 and Go 1.26.4 (GO-2026-5037).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27145"
},
{
"category": "external",
"summary": "RHBZ#2484207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2484207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27145",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27145"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27145",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27145"
},
{
"category": "external",
"summary": "https://go.dev/cl/783621",
"url": "https://go.dev/cl/783621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79694",
"url": "https://go.dev/issue/79694"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw",
"url": "https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5037",
"url": "https://pkg.go.dev/vuln/GO-2026-5037"
}
],
"release_date": "2026-06-02T22:01:36.954000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "A flaw was found in the Go standard library crypto/x509 package. When verifying a TLS certificate hostname, VerifyHostname processed each DNS Subject Alternative Name (SAN) entry in a loop and repeatedly split the candidate hostname on \".\" characters. For certificates with a very large DNS SAN list, CPU use could grow quadratically with the number of SAN entries and hostname labels. Because hostname verification runs before the certificate chain is built, this overhead can occur even when the certificate is not trusted.\n\nRed Hat rates this issue as Important. It affects Red Hat products that include the Go standard library crypto/x509 code from an affected Go toolchain version (before Go 1.25.11, or from Go 1.26.0 through Go 1.26.3). Applications and container images built with a fixed Go release (1.25.11 or later, or 1.26.4 or later) are not affected. Community distributions such as Fedora are also affected.\n\nUpstream fix: Go 1.25.11 and Go 1.26.4 (GO-2026-5037).",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries"
},
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-39820",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:27.800929+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net/mail` package. Applications processing untrusted email inputs via `ParseAddress`, `ParseAddressList`, or `ParseDate` functions are susceptible to excessive resource consumption, which can lead to service unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "RHBZ#2467820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://go.dev/cl/759940",
"url": "https://go.dev/cl/759940"
},
{
"category": "external",
"summary": "https://go.dev/issue/78566",
"url": "https://go.dev/issue/78566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4986",
"url": "https://pkg.go.dev/vuln/GO-2026-4986"
}
],
"release_date": "2026-05-07T19:41:19.854000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs"
},
{
"cve": "CVE-2026-42033",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T18:01:20.937507+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461607"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42033"
},
{
"category": "external",
"summary": "RHBZ#2461607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461607"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42033",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf"
}
],
"release_date": "2026-04-24T17:36:44.132000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution"
},
{
"cve": "CVE-2026-42035",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T18:01:17.109481+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461606"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application\u0027s core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Arbitrary HTTP header injection via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42035"
},
{
"category": "external",
"summary": "RHBZ#2461606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42035",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42035"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9",
"url": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9"
}
],
"release_date": "2026-04-24T17:38:07.752000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "axios: Axios: Arbitrary HTTP header injection via prototype pollution"
},
{
"cve": "CVE-2026-42039",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-24T19:01:44.887156+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461630"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42039"
},
{
"category": "external",
"summary": "RHBZ#2461630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461630"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42039",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42039"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9",
"url": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9"
}
],
"release_date": "2026-04-24T18:01:30.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data"
},
{
"cve": "CVE-2026-42041",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:41.034289+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461629"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42041"
},
{
"category": "external",
"summary": "RHBZ#2461629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461629"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42041",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63",
"url": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63"
}
],
"release_date": "2026-04-24T17:55:30.036000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling"
},
{
"cve": "CVE-2026-42043",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-04-24T19:01:22.552379+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461626"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: NO_PROXY bypass via crafted URL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42043"
},
{
"category": "external",
"summary": "RHBZ#2461626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461626"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7"
}
],
"release_date": "2026-04-24T17:54:42.668000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: NO_PROXY bypass via crafted URL"
},
{
"cve": "CVE-2026-42044",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:13.418725+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution \"Gadget\" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42044"
},
{
"category": "external",
"summary": "RHBZ#2461624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42044",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
}
],
"release_date": "2026-04-24T17:49:49.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget"
},
{
"cve": "CVE-2026-42338",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-05-12T21:01:14.436876+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2476810"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ip-address, a JavaScript library for parsing and manipulating IPv4 and IPv6 addresses. This vulnerability allows a remote attacker to perform cross-site scripting (XSS) by providing untrusted input to the Address6 constructor. When an application renders the output of Address6.group(), Address6.link(), or the AddressError.parseMessage as HTML without proper escaping, the attacker-controlled content can be executed in the user\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in the `ip-address` JavaScript library is rated as Important. It allows for cross-site scripting (XSS) when an application processes untrusted input through the `Address6` constructor and subsequently renders the unescaped output of methods like `Address6.group()`, `Address6.link()`, or `AddressError.parseMessage` directly as HTML. While the library itself is affected, exploitation is contingent on specific application-level rendering practices that may not be common in Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42338"
},
{
"category": "external",
"summary": "RHBZ#2476810",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2476810"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42338",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42338"
},
{
"category": "external",
"summary": "https://github.com/beaugunderson/ip-address/security/advisories/GHSA-v2v4-37r5-5v8g",
"url": "https://github.com/beaugunderson/ip-address/security/advisories/GHSA-v2v4-37r5-5v8g"
}
],
"release_date": "2026-05-12T19:43:16.470000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input"
},
{
"cve": "CVE-2026-42499",
"cwe": {
"id": "CWE-1046",
"name": "Creation of Immutable Text Using String Concatenation"
},
"discovery_date": "2026-05-07T20:00:51.685602+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `net/mail` package of the Go standard library. A remote attacker can exploit this flaw by sending specially crafted email addresses, leading to excessive resource consumption and a denial of service in Go applications that parse email addresses using the affected library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "RHBZ#2467809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42499"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://go.dev/cl/771520",
"url": "https://go.dev/cl/771520"
},
{
"category": "external",
"summary": "https://go.dev/issue/78987",
"url": "https://go.dev/issue/78987"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4977",
"url": "https://pkg.go.dev/vuln/GO-2026-4977"
}
],
"release_date": "2026-05-07T19:41:18.615000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing"
},
{
"cve": "CVE-2026-44486",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-06-11T17:01:30.944384+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487947"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client, specifically in its Node.js HTTP adapter. When Axios is configured to use an authenticated proxy and follows a redirect, it may inadvertently send the Proxy-Authorization header, containing proxy credentials, to the redirect target. This can lead to the disclosure of sensitive proxy credentials to an unintended remote server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Information disclosure of proxy credentials via HTTP redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important information disclosure flaw in the Axios Node.js HTTP adapter. Red Hat products utilizing Axios in a Node.js environment with an authenticated proxy and automatic redirects enabled are susceptible. The vulnerability arises when a request, initially sent through an authenticated proxy, is redirected to a target that no longer uses the proxy, potentially leaking `Proxy-Authorization` headers containing sensitive credentials to an untrusted remote server. This risk is heightened in deployments where applications interact with untrusted HTTP origins.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44486"
},
{
"category": "external",
"summary": "RHBZ#2487947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487947"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44486",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44486"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-j5f8-grm9-p9fc",
"url": "https://github.com/axios/axios/security/advisories/GHSA-j5f8-grm9-p9fc"
}
],
"release_date": "2026-06-11T15:39:07.714000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Information disclosure of proxy credentials via HTTP redirects"
},
{
"cve": "CVE-2026-44487",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2026-06-11T17:01:34.091476+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487948"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. During specific proxy-to-direct redirect flows in the Node.js HTTP adapter, a remote attacker could exploit this vulnerability. The Proxy-Authorization header, which contains proxy credentials and is intended only for the outbound proxy, may be forwarded to the final redirected origin. This can lead to the disclosure of sensitive proxy credentials to an unintended third party.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Information disclosure of proxy credentials via redirect flows",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important information disclosure flaw in Axios affecting Node.js environments. When an application uses Axios with an authenticated HTTP proxy and follows redirects from an HTTP to a non-proxied HTTPS destination, the Proxy-Authorization header may be inadvertently sent to the final origin server. This could lead to the exposure of sensitive proxy credentials to an unintended third party.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44487"
},
{
"category": "external",
"summary": "RHBZ#2487948",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487948"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44487"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-p92q-9vqr-4j8v",
"url": "https://github.com/axios/axios/security/advisories/GHSA-p92q-9vqr-4j8v"
}
],
"release_date": "2026-06-11T15:38:25.150000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Information disclosure of proxy credentials via redirect flows"
},
{
"cve": "CVE-2026-44488",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-11T17:01:36.836488+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. When using the fetch adapter, Axios did not properly enforce configured request and response size limits. This vulnerability allows a remote attacker, through a malicious or compromised server, or by supplying a large data URL, to send or receive oversized data bodies. This can lead to resource exhaustion in server-side applications, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Denial of Service due to unenforced request and response size limits",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A denial of service flaw was found in Axios, a JavaScript HTTP client library. This issue arises when applications utilize the `fetch` adapter, as configured request and response size limits are not properly enforced. A remote attacker could exploit this by sending or receiving excessively large data bodies, leading to resource exhaustion and potential denial of service in affected server-side applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44488"
},
{
"category": "external",
"summary": "RHBZ#2487949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44488",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44488"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44488",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44488"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-777c-7fjr-54vf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-777c-7fjr-54vf"
}
],
"release_date": "2026-06-11T15:37:38.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Denial of Service due to unenforced request and response size limits"
},
{
"cve": "CVE-2026-44492",
"cwe": {
"id": "CWE-289",
"name": "Authentication Bypass by Alternate Name"
},
"discovery_date": "2026-06-11T17:00:56.761751+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487938"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not properly normalize IPv4-mapped IPv6 addresses. When a NO_PROXY setting is configured to block direct access to specific IPv4 addresses, an attacker can bypass this restriction by using the IPv4-mapped IPv6 form of the address in a request URL. This allows the request to be routed through the proxy, potentially exposing internal services or sensitive information that should otherwise be inaccessible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Axios, a JavaScript HTTP client library, that allows for a proxy bypass. When a `NO_PROXY` environment variable is configured to prevent direct connections to specific IPv4 addresses, an attacker can craft a request URL using the IPv4-mapped IPv6 address format. This bypasses the intended `NO_PROXY` exclusion, routing the request through the configured proxy and potentially exposing internal services or sensitive information, such as cloud instance metadata credentials.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44492"
},
{
"category": "external",
"summary": "RHBZ#2487938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44492",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44492"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv"
}
],
"release_date": "2026-06-11T15:29:13.890000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization"
},
{
"cve": "CVE-2026-44494",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-06-11T17:01:12.945664+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487942"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to escalate any existing Object.prototype pollution in an application\u0027s dependency tree into a full Man-in-the-Middle (MITM) attack. This enables the attacker to intercept, read, and modify all HTTP traffic, including sensitive authentication credentials. The flaw occurs because the `config.proxy` setting is susceptible to prototype pollution, allowing an attacker to inject a malicious proxy server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in the Axios library allows an attacker to escalate existing prototype pollution vulnerabilities within an application\u0027s dependency tree into a full Man-in-the-Middle (MITM) attack. By injecting a malicious proxy configuration into the `Object.prototype`, an attacker can intercept, read, and modify all HTTP traffic, including sensitive authentication credentials, without direct user interaction. This poses a significant risk to data confidentiality and integrity in Red Hat products that utilize the Axios library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44494"
},
{
"category": "external",
"summary": "RHBZ#2487942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487942"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44494",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44494"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44494",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44494"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh",
"url": "https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh"
}
],
"release_date": "2026-06-11T15:32:03.155000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution"
},
{
"cve": "CVE-2026-44495",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-06-11T17:00:53.999811+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487937"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability involves prototype pollution gadgets in the request configuration processing. If another vulnerability has already polluted the Object.prototype.transformResponse, affected Axios versions may incorrectly interpret this inherited value as part of the request configuration or as an option validator. Axios does not itself create the prototype pollution. Exploitability requires a separate prototype-pollution vulnerability or equivalent attacker control over Object.prototype before Axios creates a request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Information disclosure due to prototype pollution vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in Axios, a promise-based HTTP client, can lead to information disclosure, including credential theft and response hijacking, or denial of service. Exploitation requires a separate prototype pollution vulnerability in the same JavaScript process, allowing an attacker to control `Object.prototype.transformResponse`. Red Hat products using affected Axios versions are at risk if another component introduces such pollution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44495"
},
{
"category": "external",
"summary": "RHBZ#2487937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487937"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44495",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44495"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44495",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44495"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw"
}
],
"release_date": "2026-06-11T15:33:12.433000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Information disclosure due to prototype pollution vulnerability"
},
{
"cve": "CVE-2026-44496",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-06-11T17:01:15.856386+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios. A remote attacker, by influencing the XSRF cookie name in a browser environment, could cause the application to construct a regular expression that leads to excessive processing. This can result in a client-side Denial of Service (DoS), where the affected browser tab may freeze, impacting the availability of the application for the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in Axios can lead to a client-side Denial of Service. An attacker capable of influencing the XSRF cookie name within a browser environment could trigger excessive regular expression processing, causing the affected browser tab to freeze and degrade user availability. This issue specifically impacts browser-based applications and does not affect Node.js HTTP adapter usage, React Native, or web workers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44496"
},
{
"category": "external",
"summary": "RHBZ#2487943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44496",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44496"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44496",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44496"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf"
}
],
"release_date": "2026-06-11T15:34:28.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name"
},
{
"cve": "CVE-2026-44724",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-05-27T21:02:14.837088+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2482416"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in systeminformation, a Node.js library. This vulnerability allows a local attacker on Linux to inject arbitrary commands. This occurs when an active NetworkManager connection profile name contains shell metacharacters, which are not properly sanitized before being used in shell commands. Successful exploitation can lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "systeminformation: systeminformation: Command injection via NetworkManager connection profile name",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in the `systeminformation` Node.js library allows a local attacker to achieve arbitrary command execution on Linux systems. The vulnerability arises when an active NetworkManager connection profile name contains shell metacharacters, which are not properly sanitized before being processed by the library. Exploitation requires the attacker to have privileges to create or rename NetworkManager connection profiles.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44724"
},
{
"category": "external",
"summary": "RHBZ#2482416",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482416"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44724",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44724"
},
{
"category": "external",
"summary": "https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-hvx9-hwr7-wjj9",
"url": "https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-hvx9-hwr7-wjj9"
}
],
"release_date": "2026-05-27T19:26:28.392000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "systeminformation: systeminformation: Command injection via NetworkManager connection profile name"
},
{
"cve": "CVE-2026-45736",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"discovery_date": "2026-05-15T16:00:55.786944+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477914"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ws, an open source WebSocket client and server for Node.js. The `websocket.close()` implementation is vulnerable to uninitialized memory disclosure when a `TypedArray` is passed as the reason argument. This can lead to the disclosure of sensitive information from uninitialized memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ws: ws: Uninitialized memory disclosure via `websocket.close()` with `TypedArray`",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in the `ws` WebSocket library for Node.js could lead to sensitive information disclosure. The flaw occurs when a `TypedArray` is specifically provided as the `reason` argument to the `websocket.close()` function, potentially exposing uninitialized memory. Red Hat products utilizing this library may be affected if their implementations allow for such a crafted `close()` call.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45736"
},
{
"category": "external",
"summary": "RHBZ#2477914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477914"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45736",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45736"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45736",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45736"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086",
"url": "https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/security/advisories/GHSA-58qx-3vcg-4xpx",
"url": "https://github.com/websockets/ws/security/advisories/GHSA-58qx-3vcg-4xpx"
}
],
"release_date": "2026-05-15T14:53:57.263000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ws: ws: Uninitialized memory disclosure via `websocket.close()` with `TypedArray`"
},
{
"cve": "CVE-2026-47131",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-06-12T15:01:52.744009+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488393"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. A remote attacker can exploit this vulnerability by combining specific Buffer function calls and Node.js\u0027s ERR_INVALID_ARG_TYPE error. This allows the attacker to obtain the host\u0027s TypeError constructor, leading to an escape from the sandbox. Consequently, this enables attackers to run arbitrary code on the host system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vm2: vm2: Arbitrary code execution via sandbox escape vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has rated the impact of this vulnerability as Moderate in Red Hat Developer Hub and Ansible Automation Platform.The affected package is present in both products as a transitive dependency; however, the vulnerable sandbox functionality is not invoked in any production code path. The active sandboxing mechanism used by both products does not rely on this package, and user-supplied input cannot reach the vulnerable code under a standard deployment. Exploitation would require an attacker to independently route arbitrary JavaScript into the sandbox runtime, a condition not present in the default configuration of either product.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47131"
},
{
"category": "external",
"summary": "RHBZ#2488393",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488393"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47131",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47131"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47131",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47131"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/commit/27c525f4615e2b983f122e2bed327d810126f5c8",
"url": "https://github.com/patriksimek/vm2/commit/27c525f4615e2b983f122e2bed327d810126f5c8"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4",
"url": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/security/advisories/GHSA-v6mx-mf47-r5wg",
"url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-v6mx-mf47-r5wg"
}
],
"release_date": "2026-06-12T14:14:17.037000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vm2: vm2: Arbitrary code execution via sandbox escape vulnerability"
},
{
"cve": "CVE-2026-47135",
"cwe": {
"id": "CWE-1100",
"name": "Insufficient Isolation of System-Dependent Functions"
},
"discovery_date": "2026-06-12T15:02:02.154869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488396"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. An attacker within the sandbox could exploit incomplete symbol interception and missing security checks to gain control over the host system. This could allow the attacker to execute arbitrary code outside the sandbox environment, leading to a complete compromise of the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vm2: vm2: Sandbox escape allows arbitrary code execution on the host system",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated as Moderate for Red Hat Developer Hub and Red Hat Ansible Automation Platform. The vm2 sandbox exists as a transitive dependency in Red Hat Developer Hub and is only utilized during build time. The sandbox is therefore not exposed on the production code path. Exploitation of this vulnerability requires attackers to write cross-realm symbol keys to host objects which is not possible in the default configuration of Red Hat Developer Hub.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47135"
},
{
"category": "external",
"summary": "RHBZ#2488396",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488396"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47135",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47135"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/commit/928aef51898b5c52a05f05a40c4cfeb52e172878",
"url": "https://github.com/patriksimek/vm2/commit/928aef51898b5c52a05f05a40c4cfeb52e172878"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4",
"url": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/security/advisories/GHSA-m5q2-4fm3-vfqp",
"url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-m5q2-4fm3-vfqp"
}
],
"release_date": "2026-06-12T14:14:42.022000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vm2: vm2: Sandbox escape allows arbitrary code execution on the host system"
},
{
"cve": "CVE-2026-47137",
"cwe": {
"id": "CWE-480",
"name": "Use of Incorrect Operator"
},
"discovery_date": "2026-06-12T15:01:24.611905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488385"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. A remote attacker could bypass a security check designed to prevent the combination of nested environments and disabled module loading. This bypass occurs because a strict equality check for the `require` option can be circumvented by simply omitting the option, leading to an unintended configuration. Successful exploitation of this vulnerability could allow an attacker to escape the sandbox and achieve arbitrary code execution on the host system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vm2: vm2: Sandbox escape leading to arbitrary code execution via security bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has rated the impact of this vulnerability as Moderate in Red Hat Developer Hub and Ansible Automation Platform.The affected package is present in both products as a transitive dependency; however, the vulnerable sandbox functionality is not invoked in any production code path. The active sandboxing mechanism used by both products does not rely on this package, and user-supplied input cannot reach the vulnerable code under a standard deployment. Exploitation would require an attacker to independently route arbitrary JavaScript into the sandbox runtime, a condition not present in the default configuration of either product.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47137"
},
{
"category": "external",
"summary": "RHBZ#2488385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47137",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47137"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-g644-9gfx-q4q4",
"url": "https://github.com/advisories/GHSA-g644-9gfx-q4q4"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/commit/01a7552add345d5a6862623884e6b79a85bf0568",
"url": "https://github.com/patriksimek/vm2/commit/01a7552add345d5a6862623884e6b79a85bf0568"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/commit/86ab819f202c3a8dad88cef5705f2e416c5188d7",
"url": "https://github.com/patriksimek/vm2/commit/86ab819f202c3a8dad88cef5705f2e416c5188d7"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4",
"url": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/security/advisories/GHSA-m4wx-m65x-ghrr",
"url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-m4wx-m65x-ghrr"
}
],
"release_date": "2026-06-12T14:15:34.795000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "vm2: vm2: Sandbox escape leading to arbitrary code execution via security bypass"
},
{
"cve": "CVE-2026-47139",
"cwe": {
"id": "CWE-1100",
"name": "Insufficient Isolation of System-Dependent Functions"
},
"discovery_date": "2026-06-12T15:01:31.104545+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488387"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vm2, a Node.js sandbox. This vulnerability allows sandboxed code to bypass network restrictions by utilizing internal HTTP built-ins, such as _http_client and _http_server. An attacker can exploit this to make outbound HTTP requests or open listening HTTP sockets, even when public network modules are explicitly denied. This could lead to unauthorized information disclosure or further compromise of the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vm2: vm2: Sandbox escape via internal HTTP built-ins leading to network restriction bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated as Moderate for Red Hat Developer Hub and Red Hat Ansible Automation Platform. The vm2 sandbox exists as a transitive dependency in Red Hat Developer Hub and is only utilized during build time. The sandbox is therefore not exposed on the production code path. Exploitation of this vulnerability requires attackers to access internal HTTP built-ins which is not possible in the default configuration of Red Hat Developer Hub.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47139"
},
{
"category": "external",
"summary": "RHBZ#2488387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488387"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47139",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47139"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47139",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47139"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/commit/436053e30eecbabd487e2fd2959c137ac34e2bb1",
"url": "https://github.com/patriksimek/vm2/commit/436053e30eecbabd487e2fd2959c137ac34e2bb1"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4",
"url": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/security/advisories/GHSA-r9pm-gxmw-wv6p",
"url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-r9pm-gxmw-wv6p"
}
],
"release_date": "2026-06-12T14:15:44.652000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vm2: vm2: Sandbox escape via internal HTTP built-ins leading to network restriction bypass"
},
{
"cve": "CVE-2026-47140",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2026-06-12T15:01:11.705175+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488381"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. This vulnerability allows sandboxed code to bypass intended security restrictions by exploiting missing entries in the denylist for dangerous Node.js built-in functions, specifically `process` and `inspector/promises`. A remote attacker can leverage this to execute arbitrary code in the host process, leading to a complete compromise of the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vm2: vm2: Arbitrary code execution due to incomplete sandbox restrictions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has rated the impact of this vulnerability as Moderate in Red Hat Developer Hub and Ansible Automation Platform.The affected package is present in both products as a transitive dependency; however, the vulnerable sandbox functionality is not invoked in any production code path. The active sandboxing mechanism used by both products does not rely on this package, and user-supplied input cannot reach the vulnerable code under a standard deployment. Exploitation would require an attacker to independently route arbitrary JavaScript into the sandbox runtime, a condition not present in the default configuration of either product.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47140"
},
{
"category": "external",
"summary": "RHBZ#2488381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47140",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47140"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47140",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47140"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/commit/a1ed47a98d1cc36cb48c0d566d55889688e0b59b",
"url": "https://github.com/patriksimek/vm2/commit/a1ed47a98d1cc36cb48c0d566d55889688e0b59b"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4",
"url": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/security/advisories/GHSA-rp36-8xq3-r6c4",
"url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-rp36-8xq3-r6c4"
}
],
"release_date": "2026-06-12T14:16:10.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "vm2: vm2: Arbitrary code execution due to incomplete sandbox restrictions"
},
{
"cve": "CVE-2026-47141",
"cwe": {
"id": "CWE-653",
"name": "Improper Isolation or Compartmentalization"
},
"discovery_date": "2026-06-12T15:01:05.444374+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. Prior to version 3.11.4, NodeVM, a component of vm2, improperly exposed certain process-wide observability builtins, such as diagnostics_channel, async_hooks, and perf_hooks. These builtins, which are designed for monitoring and debugging, were not adequately blocked by the dangerous builtin denylist. This oversight allowed sandboxed code to observe sensitive host application data, leading to information disclosure across the vm2 security boundary.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vm2: vm2: NodeVM observability builtins leak host process and HTTP request data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated as Moderate for Red Hat Developer Hub and Red Hat Ansible Automation Platform. The vm2 sandbox exists as a transitive dependency in Red Hat Developer Hub and is only utilized during build time. The sandbox is therefore not exposed on the production code path. Exploitation of this vulnerability requires attackers to access process-wide observability builtins which is not possible in the default configuration of Red Hat Developer Hub.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47141"
},
{
"category": "external",
"summary": "RHBZ#2488379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47141"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/commit/e1c48fce05189f48e71efbd32af0754efa4066bb",
"url": "https://github.com/patriksimek/vm2/commit/e1c48fce05189f48e71efbd32af0754efa4066bb"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4",
"url": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/security/advisories/GHSA-9g8x-92q2-p28f",
"url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-9g8x-92q2-p28f"
}
],
"release_date": "2026-06-12T14:17:35.970000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vm2: vm2: NodeVM observability builtins leak host process and HTTP request data"
},
{
"cve": "CVE-2026-47208",
"discovery_date": "2026-06-12T15:01:14.630546+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488382"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. This vulnerability allows an attacker to escape the sandbox environment by writing malicious code. Successful exploitation can lead to arbitrary code execution on the host system, compromising the integrity and confidentiality of the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vm2: vm2: Sandbox Breakout Using Promise Species",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation requires an attacker to supply untrusted malicious code to the vm2 sandbox, which is easily achieved since the component\u0027s main purpose is to execute untrusted code.\n\nEscaping the sandbox completely bypasses the intended security boundaries, leading directly to arbitrary code execution on the host system and a full compromise of confidentiality and integrity",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47208"
},
{
"category": "external",
"summary": "RHBZ#2488382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488382"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47208",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47208"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47208",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47208"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/commit/a462655009669c3124ee39498121651597529ea8",
"url": "https://github.com/patriksimek/vm2/commit/a462655009669c3124ee39498121651597529ea8"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4",
"url": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/security/advisories/GHSA-76w7-j9cq-rx2j",
"url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-76w7-j9cq-rx2j"
}
],
"release_date": "2026-06-12T14:16:22.726000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vm2: vm2: Sandbox Breakout Using Promise Species"
},
{
"cve": "CVE-2026-47209",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-06-12T15:02:05.339635+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488397"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. This vulnerability allows an attacker to bypass security restrictions by writing dangerous cross-realm Symbol keys to host objects. This can lead to a compromise of the integrity of the host system, potentially enabling arbitrary code execution within the Node.js environment. The issue stems from the BaseHandler.set trap in bridge.js, which incorrectly writes to the host target object even when inherited property assignments should create an own property on the receiver.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vm2: vm2: Integrity bypass via incorrect property assignment leading to potential arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated as Moderate for Red Hat Developer Hub and Red Hat Ansible Automation Platform. The vm2 sandbox exists as a transitive dependency in Red Hat Developer Hub and is only utilized during build time. The sandbox is therefore not exposed on the production code path. Exploitation of this vulnerability requires attackers to write cross-realm symbol keys to host objects which is not possible in the default configuration of Red Hat Developer Hub.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47209"
},
{
"category": "external",
"summary": "RHBZ#2488397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47209",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47209"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47209",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47209"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/commit/26d0318b5e6555be4b187ba05d6cf378ccecfe22",
"url": "https://github.com/patriksimek/vm2/commit/26d0318b5e6555be4b187ba05d6cf378ccecfe22"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4",
"url": "https://github.com/patriksimek/vm2/releases/tag/v3.11.4"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/security/advisories/GHSA-c4cf-2hgv-2qv6",
"url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-c4cf-2hgv-2qv6"
}
],
"release_date": "2026-06-12T14:14:06.455000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vm2: vm2: Integrity bypass via incorrect property assignment leading to potential arbitrary code execution"
},
{
"cve": "CVE-2026-48779",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-06-16T22:01:24.571224+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2489661"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ws, an open source WebSocket client and server. A remote attacker can exploit this memory exhaustion vulnerability by sending a high volume of exceptionally small fragments and data chunks. This action forces the affected component to allocate and hold structural wrappers that consume excessive memory. Consequently, this leads to process termination and a denial of service (DoS) for the remote peer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ws: ws: Denial of Service via memory exhaustion from small WebSocket fragments",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `ws` WebSocket library. A remote attacker can exploit this flaw by sending a high volume of small, fragmented data, leading to excessive memory consumption and subsequent process termination. This can result in service disruption for Red Hat products that utilize `ws` for WebSocket communication.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48779"
},
{
"category": "external",
"summary": "RHBZ#2489661",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2489661"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48779",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48779"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48779",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48779"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/86d3e8a5fb0246ed373860c5fbb0de88824a27f7",
"url": "https://github.com/websockets/ws/commit/86d3e8a5fb0246ed373860c5fbb0de88824a27f7"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/b5372ac67bb97a773727b8e9f5035a8123556d53",
"url": "https://github.com/websockets/ws/commit/b5372ac67bb97a773727b8e9f5035a8123556d53"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94",
"url": "https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/fd36cd864fcdf62a08273a99e19a7d975401fee8",
"url": "https://github.com/websockets/ws/commit/fd36cd864fcdf62a08273a99e19a7d975401fee8"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/security/advisories/GHSA-96hv-2xvq-fx4p",
"url": "https://github.com/websockets/ws/security/advisories/GHSA-96hv-2xvq-fx4p"
}
],
"release_date": "2026-06-16T21:26:22.537000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T15:00:33+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:044d2d72c21329826c144d9b55c381576a421188139de0fed693e74997665d2c_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:66fb23e8dbced7bb187928fb38562ae9e2649265d56f745044dd5e79b4209893_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:219babfcc89ae903edf35022aae79ba1d1b326386978db8ff267e24e50f9a785_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ws: ws: Denial of Service via memory exhaustion from small WebSocket fragments"
}
]
}
RHSA-2026:34364
Vulnerability from csaf_redhat - Published: 2026-07-01 16:16 - Updated: 2026-07-07 19:00A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in github.com/buger/jsonparser. The Delete function, when processing malformed JSON input, fails to properly validate offsets. This vulnerability can lead to a negative slice index and a runtime panic, allowing a remote attacker to cause a denial of service (DoS) by providing specially crafted JSON data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint (`/api/v1/read`) by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service (DoS) by crashing the Prometheus process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging for Red Hat OpenShift - 6.4.6",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Logging 6.4.6 is a cluster-wide logging solution for OpenShift that collects and manages applications, infrastructure, and audit logs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:34364",
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25681",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32285",
"url": "https://access.redhat.com/security/cve/CVE-2026-32285"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33813",
"url": "https://access.redhat.com/security/cve/CVE-2026-33813"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39820",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42154",
"url": "https://access.redhat.com/security/cve/CVE-2026-42154"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42499",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_34364.json"
}
],
"title": "Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.4.6",
"tracking": {
"current_release_date": "2026-07-07T19:00:55+00:00",
"generator": {
"date": "2026-07-07T19:00:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:34364",
"initial_release_date": "2026-07-01T16:16:22+00:00",
"revision_history": [
{
"date": "2026-07-01T16:16:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-01T16:16:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-07T19:00:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Logging Subsystem for Red Hat OpenShift 6.4",
"product": {
"name": "Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:6.4::el9"
}
}
}
],
"category": "product_family",
"name": "Logging Subsystem for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3A20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1782412815"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256%3Ae5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=1782413532"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1782408807"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1782392885"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1782405469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1782464542"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"product_id": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256%3A303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=1782465285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3Ae0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1782392961"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3A37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1782392937"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3A23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1782393583"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3A036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1782412815"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1782408807"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3Ae4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1782392885"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1782405469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1782464542"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3A35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1782392961"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3Ae07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1782392937"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3A2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1782393583"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3Ad379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1782412815"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3Ad1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1782408807"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1782392885"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3Affcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1782405469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1782464542"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3A57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1782392961"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3A62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1782392937"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3Acaaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1782393583"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3Af5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1782412815"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1782408807"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1782392885"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1782405469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3Af278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1782464542"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3Aab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1782392961"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3A0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1782392937"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3A9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1782393583"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25681",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-05-22T16:01:08.177603+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480761"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/net/html` could enable remote attackers to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution. The flaw allows specially crafted HTML to bypass input sanitization during parsing and rendering. Red Hat products are affected if they process untrusted HTML content using the vulnerable component without additional output encoding or robust content security policies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "RHBZ#2480761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://go.dev/cl/781703",
"url": "https://go.dev/cl/781703"
},
{
"category": "external",
"summary": "https://go.dev/issue/79574",
"url": "https://go.dev/issue/79574"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5029",
"url": "https://pkg.go.dev/vuln/GO-2026-5029"
}
],
"release_date": "2026-05-22T15:01:21.975000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "To mitigate this flaw, applications processing untrusted HTML input must implement strict input sanitization and ensure all output is properly encoded before rendering. Deploying a comprehensive Content Security Policy (CSP) can restrict script execution, further reducing the attack surface. Administrators should review application configurations to ensure adequate protection against XSS.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting"
},
{
"cve": "CVE-2026-32285",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:54.925687+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451846"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/buger/jsonparser. The Delete function, when processing malformed JSON input, fails to properly validate offsets. This vulnerability can lead to a negative slice index and a runtime panic, allowing a remote attacker to cause a denial of service (DoS) by providing specially crafted JSON data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/buger/jsonparser: github.com/buger/jsonparser: Denial of Service via malformed JSON input",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32285"
},
{
"category": "external",
"summary": "RHBZ#2451846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451846"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32285",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32285"
},
{
"category": "external",
"summary": "https://github.com/buger/jsonparser/issues/275",
"url": "https://github.com/buger/jsonparser/issues/275"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4514",
"url": "https://github.com/golang/vulndb/issues/4514"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4514",
"url": "https://pkg.go.dev/vuln/GO-2026-4514"
}
],
"release_date": "2026-03-26T19:40:51.837000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/buger/jsonparser: github.com/buger/jsonparser: Denial of Service via malformed JSON input"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-33813",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-04-21T20:01:02.224363+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460221"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33813"
},
{
"category": "external",
"summary": "RHBZ#2460221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33813",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813"
},
{
"category": "external",
"summary": "https://go.dev/cl/759860",
"url": "https://go.dev/cl/759860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78407",
"url": "https://go.dev/issue/78407"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4961",
"url": "https://pkg.go.dev/vuln/GO-2026-4961"
}
],
"release_date": "2026-04-21T19:21:27.644000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
},
{
"cve": "CVE-2026-39820",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:27.800929+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net/mail` package. Applications processing untrusted email inputs via `ParseAddress`, `ParseAddressList`, or `ParseDate` functions are susceptible to excessive resource consumption, which can lead to service unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "RHBZ#2467820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://go.dev/cl/759940",
"url": "https://go.dev/cl/759940"
},
{
"category": "external",
"summary": "https://go.dev/issue/78566",
"url": "https://go.dev/issue/78566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4986",
"url": "https://pkg.go.dev/vuln/GO-2026-4986"
}
],
"release_date": "2026-05-07T19:41:19.854000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs"
},
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-42154",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-04T19:02:19.626646+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466505"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint (`/api/v1/read`) by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service (DoS) by crashing the Prometheus process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in Prometheus, allowing an unauthenticated remote attacker to crash the Prometheus process. This could lead to service unavailability in Red Hat products that deploy Prometheus for monitoring, as the remote read endpoint does not properly validate snappy-compressed request lengths.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42154"
},
{
"category": "external",
"summary": "RHBZ#2466505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466505"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42154",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42154"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18584",
"url": "https://github.com/prometheus/prometheus/pull/18584"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18585",
"url": "https://github.com/prometheus/prometheus/pull/18585"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm",
"url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm"
}
],
"release_date": "2026-05-04T18:13:12.340000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint"
},
{
"cve": "CVE-2026-42499",
"cwe": {
"id": "CWE-1046",
"name": "Creation of Immutable Text Using String Concatenation"
},
"discovery_date": "2026-05-07T20:00:51.685602+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `net/mail` package of the Go standard library. A remote attacker can exploit this flaw by sending specially crafted email addresses, leading to excessive resource consumption and a denial of service in Go applications that parse email addresses using the affected library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "RHBZ#2467809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42499"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://go.dev/cl/771520",
"url": "https://go.dev/cl/771520"
},
{
"category": "external",
"summary": "https://go.dev/issue/78987",
"url": "https://go.dev/issue/78987"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4977",
"url": "https://pkg.go.dev/vuln/GO-2026-4977"
}
],
"release_date": "2026-05-07T19:41:18.615000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.