RHSA-2026:4270
Vulnerability from csaf_redhat - Published: 2026-03-11 07:52 - Updated: 2026-03-12 05:15Summary
Red Hat Security Advisory: OpenShift Source To Image 1.6.0
Notes
Topic
OpenShift Source To Image 1.6.0 Release
Details
Release of OpenShift Source To Image 1.6.0
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift Source To Image 1.6.0 Release",
"title": "Topic"
},
{
"category": "general",
"text": "Release of OpenShift Source To Image 1.6.0",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:4270",
"url": "https://access.redhat.com/errata/RHSA-2026:4270"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_4270.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Source To Image 1.6.0",
"tracking": {
"current_release_date": "2026-03-12T05:15:26+00:00",
"generator": {
"date": "2026-03-12T05:15:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.2"
}
},
"id": "RHSA-2026:4270",
"initial_release_date": "2026-03-11T07:52:06+00:00",
"revision_history": [
{
"date": "2026-03-11T07:52:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-11T07:52:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-12T05:15:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services 1.6.0",
"product": {
"name": "OpenShift Developer Tools and Services 1.6.0",
"product_id": "OpenShift Developer Tools and Services 1.6.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:source_to_image:1.6::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Developer Tools and Services"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64",
"product": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64",
"product_id": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/source-to-image-rhel8@sha256%3Af0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e?arch=amd64\u0026repository_url=registry.redhat.io/source-to-image\u0026tag=1773214142"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64",
"product": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64",
"product_id": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64",
"product_identification_helper": {
"purl": "pkg:oci/source-to-image-rhel9@sha256%3Afe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134?arch=amd64\u0026repository_url=registry.redhat.io/source-to-image\u0026tag=1773214747"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64",
"product": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64",
"product_id": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64",
"product_identification_helper": {
"purl": "pkg:oci/source-to-image-rhel8@sha256%3Ad95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad?arch=arm64\u0026repository_url=registry.redhat.io/source-to-image\u0026tag=1773214142"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64",
"product": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64",
"product_id": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64",
"product_identification_helper": {
"purl": "pkg:oci/source-to-image-rhel9@sha256%3A706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857?arch=arm64\u0026repository_url=registry.redhat.io/source-to-image\u0026tag=1773214747"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le",
"product": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le",
"product_id": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/source-to-image-rhel8@sha256%3A80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1?arch=ppc64le\u0026repository_url=registry.redhat.io/source-to-image\u0026tag=1773214142"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le",
"product": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le",
"product_id": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/source-to-image-rhel9@sha256%3A7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7?arch=ppc64le\u0026repository_url=registry.redhat.io/source-to-image\u0026tag=1773214747"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x",
"product": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x",
"product_id": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/source-to-image-rhel8@sha256%3Ae972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a?arch=s390x\u0026repository_url=registry.redhat.io/source-to-image\u0026tag=1773214142"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x",
"product": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x",
"product_id": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/source-to-image-rhel9@sha256%3Aed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c?arch=s390x\u0026repository_url=registry.redhat.io/source-to-image\u0026tag=1773214747"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le as a component of OpenShift Developer Tools and Services 1.6.0",
"product_id": "OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le"
},
"product_reference": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64 as a component of OpenShift Developer Tools and Services 1.6.0",
"product_id": "OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64"
},
"product_reference": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x as a component of OpenShift Developer Tools and Services 1.6.0",
"product_id": "OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x"
},
"product_reference": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64 as a component of OpenShift Developer Tools and Services 1.6.0",
"product_id": "OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64"
},
"product_reference": "registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64 as a component of OpenShift Developer Tools and Services 1.6.0",
"product_id": "OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64"
},
"product_reference": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le as a component of OpenShift Developer Tools and Services 1.6.0",
"product_id": "OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le"
},
"product_reference": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le",
"relates_to_product_reference": "OpenShift Developer Tools and Services 1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x as a component of OpenShift Developer Tools and Services 1.6.0",
"product_id": "OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x"
},
"product_reference": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x",
"relates_to_product_reference": "OpenShift Developer Tools and Services 1.6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64 as a component of OpenShift Developer Tools and Services 1.6.0",
"product_id": "OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64"
},
"product_reference": "registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64",
"relates_to_product_reference": "OpenShift Developer Tools and Services 1.6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-11T07:52:06+00:00",
"details": "It is recommended that existing users of OpenShift Source To Image upgrade to v1.6.0",
"product_ids": [
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4270"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-11T07:52:06+00:00",
"details": "It is recommended that existing users of OpenShift Source To Image upgrade to v1.6.0",
"product_ids": [
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4270"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: Unexpected session resumption in crypto/tls",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-11T07:52:06+00:00",
"details": "It is recommended that existing users of OpenShift Source To Image upgrade to v1.6.0",
"product_ids": [
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4270"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:80e249e039ca97506b111c12739d2d5020237e3afb8fe1cc5014a803d917d1f1_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:d95a6e017fd2230836b321a18e9be574776ca218f19386c35bf846f2af7920ad_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:e972d72ec52877e59b162099d20d60a83f0607ecf724720b6163b48141deb67a_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel8@sha256:f0b6590d7f5168a7dc749138a935d094369a7b87bbbb8b9d1c755fc01d57100e_amd64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:706a7e97fc435cc175679eabed85a3f6a379cc0a4111a11e592758ccfdfd2857_arm64",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:7554ecfe28d55d03c9814a2591c337bed1aaf203d644c02595cef517623b7cb7_ppc64le",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:ed3d74c2255ed6f3d358582794beae8091ecc098eae4a3c7c1b1ced59011210c_s390x",
"OpenShift Developer Tools and Services 1.6.0:registry.redhat.io/source-to-image/source-to-image-rhel9@sha256:fe8de6cf5d30af29e64e5f9ebe348b4ce6ff838be480d81795723a8642e19134_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: Unexpected session resumption in crypto/tls"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…