RHSA-2026:34364
Vulnerability from csaf_redhat - Published: 2026-07-01 16:16 - Updated: 2026-07-02 00:11A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in github.com/buger/jsonparser. The Delete function, when processing malformed JSON input, fails to properly validate offsets. This vulnerability can lead to a negative slice index and a runtime panic, allowing a remote attacker to cause a denial of service (DoS) by providing specially crafted JSON data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint (`/api/v1/read`) by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service (DoS) by crashing the Prometheus process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — | ||
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging for Red Hat OpenShift - 6.4.6",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Logging 6.4.6 is a cluster-wide logging solution for OpenShift that collects and manages applications, infrastructure, and audit logs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:34364",
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25681",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32285",
"url": "https://access.redhat.com/security/cve/CVE-2026-32285"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33813",
"url": "https://access.redhat.com/security/cve/CVE-2026-33813"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39820",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42154",
"url": "https://access.redhat.com/security/cve/CVE-2026-42154"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42499",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_34364.json"
}
],
"title": "Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.4.6",
"tracking": {
"current_release_date": "2026-07-02T00:11:00+00:00",
"generator": {
"date": "2026-07-02T00:11:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:34364",
"initial_release_date": "2026-07-01T16:16:22+00:00",
"revision_history": [
{
"date": "2026-07-01T16:16:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-01T16:16:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-02T00:11:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Logging Subsystem for Red Hat OpenShift 6.4",
"product": {
"name": "Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:6.4::el9"
}
}
}
],
"category": "product_family",
"name": "Logging Subsystem for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3A20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1782412815"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256%3Ae5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=1782413532"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1782408807"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1782392885"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1782405469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1782464542"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"product_id": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256%3A303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=1782465285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3Ae0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1782392961"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3A37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1782392937"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3A23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1782393583"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3A036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1782412815"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1782408807"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3Ae4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1782392885"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1782405469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1782464542"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3A35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1782392961"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3Ae07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1782392937"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3A2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1782393583"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3Ad379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1782412815"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3Ad1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1782408807"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1782392885"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3Affcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1782405469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3A4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1782464542"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3A57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1782392961"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3A62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1782392937"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3Acaaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1782393583"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256%3Af5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=1782412815"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256%3A404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=1782408807"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256%3A869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=1782392885"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256%3A613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=1782405469"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256%3Af278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=1782464542"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256%3Aab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=1782392961"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256%3A0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=1782392937"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"product_id": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256%3A9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=1782393583"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64 as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x as a component of Logging Subsystem for Red Hat OpenShift 6.4",
"product_id": "Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
},
"product_reference": "registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x",
"relates_to_product_reference": "Logging Subsystem for Red Hat OpenShift 6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25681",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-05-22T16:01:08.177603+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480761"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/net/html` could enable remote attackers to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution. The flaw allows specially crafted HTML to bypass input sanitization during parsing and rendering. Red Hat products are affected if they process untrusted HTML content using the vulnerable component without additional output encoding or robust content security policies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "RHBZ#2480761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://go.dev/cl/781703",
"url": "https://go.dev/cl/781703"
},
{
"category": "external",
"summary": "https://go.dev/issue/79574",
"url": "https://go.dev/issue/79574"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5029",
"url": "https://pkg.go.dev/vuln/GO-2026-5029"
}
],
"release_date": "2026-05-22T15:01:21.975000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "To mitigate this flaw, applications processing untrusted HTML input must implement strict input sanitization and ensure all output is properly encoded before rendering. Deploying a comprehensive Content Security Policy (CSP) can restrict script execution, further reducing the attack surface. Administrators should review application configurations to ensure adequate protection against XSS.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting"
},
{
"cve": "CVE-2026-32285",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-03-26T20:01:54.925687+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451846"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/buger/jsonparser. The Delete function, when processing malformed JSON input, fails to properly validate offsets. This vulnerability can lead to a negative slice index and a runtime panic, allowing a remote attacker to cause a denial of service (DoS) by providing specially crafted JSON data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/buger/jsonparser: github.com/buger/jsonparser: Denial of Service via malformed JSON input",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32285"
},
{
"category": "external",
"summary": "RHBZ#2451846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451846"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32285",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32285"
},
{
"category": "external",
"summary": "https://github.com/buger/jsonparser/issues/275",
"url": "https://github.com/buger/jsonparser/issues/275"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/4514",
"url": "https://github.com/golang/vulndb/issues/4514"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4514",
"url": "https://pkg.go.dev/vuln/GO-2026-4514"
}
],
"release_date": "2026-03-26T19:40:51.837000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/buger/jsonparser: github.com/buger/jsonparser: Denial of Service via malformed JSON input"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-33813",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-04-21T20:01:02.224363+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460221"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33813"
},
{
"category": "external",
"summary": "RHBZ#2460221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33813",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813"
},
{
"category": "external",
"summary": "https://go.dev/cl/759860",
"url": "https://go.dev/cl/759860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78407",
"url": "https://go.dev/issue/78407"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4961",
"url": "https://pkg.go.dev/vuln/GO-2026-4961"
}
],
"release_date": "2026-04-21T19:21:27.644000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
},
{
"cve": "CVE-2026-39820",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:27.800929+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net/mail` package. Applications processing untrusted email inputs via `ParseAddress`, `ParseAddressList`, or `ParseDate` functions are susceptible to excessive resource consumption, which can lead to service unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "RHBZ#2467820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://go.dev/cl/759940",
"url": "https://go.dev/cl/759940"
},
{
"category": "external",
"summary": "https://go.dev/issue/78566",
"url": "https://go.dev/issue/78566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4986",
"url": "https://pkg.go.dev/vuln/GO-2026-4986"
}
],
"release_date": "2026-05-07T19:41:19.854000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs"
},
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-42154",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-04T19:02:19.626646+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466505"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint (`/api/v1/read`) by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service (DoS) by crashing the Prometheus process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42154"
},
{
"category": "external",
"summary": "RHBZ#2466505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466505"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42154",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42154"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18584",
"url": "https://github.com/prometheus/prometheus/pull/18584"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18585",
"url": "https://github.com/prometheus/prometheus/pull/18585"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm",
"url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm"
}
],
"release_date": "2026-05-04T18:13:12.340000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint"
},
{
"cve": "CVE-2026-42499",
"cwe": {
"id": "CWE-1046",
"name": "Creation of Immutable Text Using String Concatenation"
},
"discovery_date": "2026-05-07T20:00:51.685602+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `net/mail` package of the Go standard library. A remote attacker can exploit this flaw by sending specially crafted email addresses, leading to excessive resource consumption and a denial of service in Go applications that parse email addresses using the affected library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"known_not_affected": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "RHBZ#2467809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42499"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://go.dev/cl/771520",
"url": "https://go.dev/cl/771520"
},
{
"category": "external",
"summary": "https://go.dev/issue/78987",
"url": "https://go.dev/issue/78987"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4977",
"url": "https://pkg.go.dev/vuln/GO-2026-4977"
}
],
"release_date": "2026-05-07T19:41:18.615000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-01T16:16:22+00:00",
"details": "For OpenShift Container Platform 4.20 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/release_notes/ocp-4-20-release-notes\n\nFor Red Hat OpenShift Logging 6.4, see the following instructions to apply this update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_logging/6.4",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34364"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-operator-bundle@sha256:e5b7cc503692837c64463dec9b5f26d4041604af41687089e3d2fa7049d18763_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:036c4b69ad3fc3d21f3874a182250670ba05d85b92f4fb3246dbc9a1b0d5b2f1_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:20a457aef3fe79d1504b3635b44194de337345bccdaea7faed59d2b9d773a78d_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:d379c0ac1ef6531fb9a7e62d305804a3ec0fa4c15464a7c5d2701375548191c1_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator@sha256:f5318fb921ce00cd615c35da79397b96159141ed5c5f83cc5fd536f6212e4a1d_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:404ab8a3b91ee87b54fedb6e123730d00d056fc4cf0333fdfe89d9d04ed19ade_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:437d5a4c488cd6bf3ab086329f64e67904d60ccde170d163b32b73b530a76000_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:8f4ce021b0c1ba39cb9b57071ea3e35b8e91a35aec8c3188cb8a61eac919c16b_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/eventrouter-rhel9@sha256:d1ae79f914c7ba434f2886ec14c00cb794dc92f9472329a62311dcfcd6ab0750_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:0506600ba49a32d6eeb4b081e33f2a0356a348eb0af8cc9aaa96b1568dc00827_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:1317ad72523ecd91a45290485aa2b5afe9341c8e1aeed026d7e0f9c6ef06a279_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:869a15d3a384b822b84622a030f5c5f9ad7284673ca1b861732e239cdaa17ae3_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9@sha256:e4a0e68923f34dfdf956a643c8e218e77cd2b8b564b256fe8134f5f36b484a3d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:36340239fda21b0c95529e24861b98f0c427f0b2a4dcbbc15e800c4008a84170_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:4d4eff309f617b905f126770ef318cc78eee346aa57d72f9e506a875cb9cb0ff_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:613509ec4705bd051a01ff07a738c01ffc2f1766716e8a992af396cc884cfc2f_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/logging-loki-rhel9@sha256:ffcd011e7e5fc98eac4b3a40bf4c5f8faa1e9d6ffd99375fe6a077e07887902c_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-operator-bundle@sha256:303c3bf8579f485f39f83659818afea56e1cf0600fa2b27328b7ea88a2cf0aa6_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:2e27623128ad417e16531721363a85bcb3486e7d1c6e8bb136704da2804fd321_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:4715d0c1ffbffe506a4a7213159eb02b03f7b12e87fe015c270376b858cc8a5e_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:93c4438fdec9e45c6c96b5dca8de34bc634fb8e14acd4cb2832181bb0f99a012_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/loki-rhel9-operator@sha256:f278bc4ab107d4364ccd943b6285a4880075fd33a8b118011fe2bb85cebddc08_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:35ad2b060e4847d7d523184677454213e7b119bd11490b9464d685a2b8dd7188_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:57c8fafa6ac19e0d78846633ad57ecb04ce560f3559981f875606b2da102acf0_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:ab4078df9d968b5ecc3d662c58fda45fd1827eadad28bbbfe43728b7428f26b6_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/lokistack-gateway-rhel9@sha256:e0921ca76f40eba9eae5600ffdf62ca80cbb4c8d6743e1682b0602703f834ac8_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:0797167a007e1c3e89d971c9513b2a51cffabe75185eecf0c07068d1aea6bbf4_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:37625fee5941abe356d51f00535636fecae3670ece4478615a49d9c98c54c8e9_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:62b9f7fcddea5a4f82c483679cb1366b73463434601310a440d373996a086fd3_s390x",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/opa-openshift-rhel9@sha256:e07e4c074f2ef73f92ffe3e4f4f54f9fdccd1229dd94610fe17cbf6187561f8d_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:23ac528608b2c270a53c11ed77f6e5b0d9ead8ebf4ad061b29518ec878ca2877_amd64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:2c294ee9091202c6129748c25d663fab8c885ee8f9456e0134c284d54607a413_arm64",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:9e62ced8b94ee0222ae3612dab5367527ce4d16d2a071eed4b64557a6c61accc_ppc64le",
"Logging Subsystem for Red Hat OpenShift 6.4:registry.redhat.io/openshift-logging/vector-rhel9@sha256:caaca2ed78082fbe3e4974cdc508112e4a0ae5e2e73bb05c30e25e2f904eb971_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.