CVE-2025-8556 (GCVE-0-2025-8556)

Vulnerability from cvelistv5 – Published: 2025-08-06 08:48 – Updated: 2026-02-25 21:35
VLAI
Title
Github.com/cloudflare/circl: circl-fourq: missing and wrong validation can lead to incorrect results
Summary
A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.
Severity
3.7 (Low)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
Impacted products
Vendor Product Version
Affected: 0 , < 1.6.1 (semver)
Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
 Create a notification for this product.
Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
 Create a notification for this product.
Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
 Create a notification for this product.
Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
 Create a notification for this product.
Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
 Create a notification for this product.
Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
 Create a notification for this product.
Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
 Create a notification for this product.
Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
 Create a notification for this product.
Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
 Create a notification for this product.
Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
 Create a notification for this product.
Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
 Create a notification for this product.
Red Hat Multicluster Global Hub     cpe:/a:redhat:multicluster_globalhub
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
 Create a notification for this product.
Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
 Create a notification for this product.
Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
 Create a notification for this product.
Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
 Create a notification for this product.
Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
 Create a notification for this product.
Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
 Create a notification for this product.
Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
 Create a notification for this product.
Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
 Create a notification for this product.
Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
 Create a notification for this product.
Red Hat Red Hat Ceph Storage 5     cpe:/a:redhat:ceph_storage:5
 Create a notification for this product.
Red Hat Red Hat Ceph Storage 5     cpe:/a:redhat:ceph_storage:5
 Create a notification for this product.
Red Hat Red Hat Ceph Storage 6     cpe:/a:redhat:ceph_storage:6
 Create a notification for this product.
Red Hat Red Hat Ceph Storage 6     cpe:/a:redhat:ceph_storage:6
 Create a notification for this product.
Red Hat Red Hat Ceph Storage 8     cpe:/a:redhat:ceph_storage:8
 Create a notification for this product.
Red Hat Red Hat Ceph Storage 8     cpe:/a:redhat:ceph_storage:8
 Create a notification for this product.
Red Hat Red Hat Developer Hub     cpe:/a:redhat:rhdh:1
 Create a notification for this product.
Red Hat Red Hat Developer Hub     cpe:/a:redhat:rhdh:1
 Create a notification for this product.
Red Hat Red Hat Edge Manager preview     cpe:/a:redhat:edge_manager:0
 Create a notification for this product.
Red Hat Red Hat Edge Manager preview     cpe:/a:redhat:edge_manager:0
 Create a notification for this product.
Red Hat Red Hat Edge Manager preview     cpe:/a:redhat:edge_manager:0
 Create a notification for this product.
Red Hat Red Hat Edge Manager preview     cpe:/a:redhat:edge_manager:0
 Create a notification for this product.
Red Hat Red Hat Edge Manager preview     cpe:/a:redhat:edge_manager:0
 Create a notification for this product.
Red Hat Red Hat Edge Manager preview     cpe:/a:redhat:edge_manager:0
 Create a notification for this product.
Red Hat Red Hat Edge Manager preview     cpe:/a:redhat:edge_manager:0
 Create a notification for this product.
Red Hat Red Hat Edge Manager preview     cpe:/a:redhat:edge_manager:0
 Create a notification for this product.
Red Hat Red Hat Edge Manager preview     cpe:/a:redhat:edge_manager:0
 Create a notification for this product.
Red Hat Red Hat Edge Manager preview     cpe:/a:redhat:edge_manager:0
 Create a notification for this product.
Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
 Create a notification for this product.
Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
 Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
 Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
 Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
 Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
 Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
 Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
 Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
 Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
 Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
 Create a notification for this product.
Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
 Create a notification for this product.
Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
 Create a notification for this product.
Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
 Create a notification for this product.
Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
 Create a notification for this product.
Red Hat Red Hat OpenShift Dev Workspaces Operator     cpe:/a:redhat:devworkspace
 Create a notification for this product.
Red Hat Red Hat OpenShift Dev Workspaces Operator     cpe:/a:redhat:devworkspace
 Create a notification for this product.
Red Hat Red Hat OpenShift Dev Workspaces Operator     cpe:/a:redhat:devworkspace
 Create a notification for this product.
Red Hat Red Hat OpenShift for Windows Containers     cpe:/a:redhat:windows_machine_config
 Create a notification for this product.
Red Hat Red Hat OpenShift for Windows Containers     cpe:/a:redhat:windows_machine_config
 Create a notification for this product.
Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
 Create a notification for this product.
Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
 Create a notification for this product.
Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
 Create a notification for this product.
Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
 Create a notification for this product.
Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
 Create a notification for this product.
Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
 Create a notification for this product.
Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
 Create a notification for this product.
Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
 Create a notification for this product.
Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
 Create a notification for this product.
Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
 Create a notification for this product.
Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
 Create a notification for this product.
Red Hat Red Hat Trusted Application Pipeline     cpe:/a:redhat:trusted_application_pipeline:1
 Create a notification for this product.
Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
 Create a notification for this product.
Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
 Create a notification for this product.
Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
 Create a notification for this product.
Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
 Create a notification for this product.
Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
 Create a notification for this product.
Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
 Create a notification for this product.
Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
 Create a notification for this product.
Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
 Create a notification for this product.
Red Hat Red Hat Trusted Profile Analyzer     cpe:/a:redhat:trusted_profile_analyzer:1
 Create a notification for this product.
Date Public
2025-06-10 21:18
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-8556",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-06T20:24:48.827225Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-06T20:24:59.905Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-10-22T21:03:52.780Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.botanica.software/blog/cryptographic-issues-in-cloudflares-circl-fourq-implementation"
          },
          {
            "url": "https://news.ycombinator.com/item?id=45669593"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/cloudflare/circl/",
          "defaultStatus": "unaffected",
          "packageName": "circl",
          "versions": [
            {
              "lessThan": "1.6.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_builds:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-builds/openshift-builds-controller-rhel9",
          "product": "Builds for Red Hat OpenShift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_builds:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-builds/openshift-builds-git-cloner-rhel9",
          "product": "Builds for Red Hat OpenShift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_builds:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-builds/openshift-builds-image-bundler-rhel9",
          "product": "Builds for Red Hat OpenShift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_builds:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-builds/openshift-builds-image-processing-rhel9",
          "product": "Builds for Red Hat OpenShift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_builds:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-builds/openshift-builds-waiters-rhel9",
          "product": "Builds for Red Hat OpenShift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_builds:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-builds/openshift-builds-webhook-rhel9",
          "product": "Builds for Red Hat OpenShift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
          ],
          "defaultStatus": "affected",
          "packageName": "custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9",
          "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
          ],
          "defaultStatus": "affected",
          "packageName": "custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9",
          "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
          ],
          "defaultStatus": "affected",
          "packageName": "custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle",
          "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
          ],
          "defaultStatus": "affected",
          "packageName": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9",
          "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
          ],
          "defaultStatus": "affected",
          "packageName": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator",
          "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:multicluster_globalhub"
          ],
          "defaultStatus": "affected",
          "packageName": "multicluster-globalhub/multicluster-globalhub-grafana-rhel9",
          "product": "Multicluster Global Hub",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-chains-controller-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-chains-controller-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-cli-tkn-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-cli-tkn-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-controller-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-controller-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-entrypoint-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-entrypoint-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-events-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-events-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-nop-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-nop-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-operator-bundle",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-operator-proxy-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-operator-proxy-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-operator-webhook-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-operator-webhook-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-resolvers-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-resolvers-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-rhel8-operator",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-rhel9-operator",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-sidecarlogresults-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-sidecarlogresults-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-webhook-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-webhook-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-workingdirinit-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-workingdirinit-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-serverless-1/kn-client-cli-artifacts-rhel8",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-serverless-1/kn-client-kn-rhel8",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-serverless-1/kn-plugin-event-sender-rhel8",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-serverless-1/kn-plugin-func-func-util-rhel8",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:3"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9",
          "product": "OpenShift Service Mesh 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:3"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh/istio-cni-rhel9",
          "product": "OpenShift Service Mesh 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:3"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh/istio-must-gather-rhel9",
          "product": "OpenShift Service Mesh 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:3"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh/istio-pilot-rhel9",
          "product": "OpenShift Service Mesh 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:3"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh/istio-proxyv2-rhel9",
          "product": "OpenShift Service Mesh 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:3"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh/istio-rhel9-operator",
          "product": "OpenShift Service Mesh 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:3"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh/istio-sail-operator-bundle",
          "product": "OpenShift Service Mesh 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "flightctl",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/acm-flightctl-api-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/acm-flightctl-periodic-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/acm-flightctl-worker-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/acm-grafana-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/multicluster-operators-subscription-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/subctl-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/volsync-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-rhel8-operator",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:5"
          ],
          "defaultStatus": "affected",
          "packageName": "rhceph/grafana-rhel9",
          "product": "Red Hat Ceph Storage 5",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:5"
          ],
          "defaultStatus": "affected",
          "packageName": "rhel9/grafana",
          "product": "Red Hat Ceph Storage 5",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:6"
          ],
          "defaultStatus": "affected",
          "packageName": "rhceph/grafana-rhel9",
          "product": "Red Hat Ceph Storage 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:6"
          ],
          "defaultStatus": "affected",
          "packageName": "rhel9/grafana",
          "product": "Red Hat Ceph Storage 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhceph/grafana-rhel9",
          "product": "Red Hat Ceph Storage 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhel9/grafana",
          "product": "Red Hat Ceph Storage 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhdh:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhdh-orchestrator-dev-preview-beta/controller-rhel9-operator",
          "product": "Red Hat Developer Hub",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhdh:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhdh-orchestrator-dev-preview-beta/orchestrator-operator-bundle",
          "product": "Red Hat Developer Hub",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:edge_manager:0"
          ],
          "defaultStatus": "affected",
          "packageName": "flightctl",
          "product": "Red Hat Edge Manager preview",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:edge_manager:0"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/acm-flightctl-api-rhel9",
          "product": "Red Hat Edge Manager preview",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:edge_manager:0"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/acm-flightctl-periodic-rhel9",
          "product": "Red Hat Edge Manager preview",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:edge_manager:0"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/acm-flightctl-worker-rhel9",
          "product": "Red Hat Edge Manager preview",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:edge_manager:0"
          ],
          "defaultStatus": "affected",
          "packageName": "rhem/flightctl-api-rhel9",
          "product": "Red Hat Edge Manager preview",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:edge_manager:0"
          ],
          "defaultStatus": "affected",
          "packageName": "rhem/flightctl-cli-artifacts-rhel9",
          "product": "Red Hat Edge Manager preview",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:edge_manager:0"
          ],
          "defaultStatus": "affected",
          "packageName": "rhem/flightctl-periodic-rhel9",
          "product": "Red Hat Edge Manager preview",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:edge_manager:0"
          ],
          "defaultStatus": "affected",
          "packageName": "rhem/flightctl-ui-ocp-rhel9",
          "product": "Red Hat Edge Manager preview",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:edge_manager:0"
          ],
          "defaultStatus": "affected",
          "packageName": "rhem/flightctl-ui-rhel9",
          "product": "Red Hat Edge Manager preview",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:edge_manager:0"
          ],
          "defaultStatus": "affected",
          "packageName": "rhem/flightctl-worker-rhel9",
          "product": "Red Hat Edge Manager preview",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhel10/grafana",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhel9/grafana",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/bootc-amd-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/bootc-aws-nvidia-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/bootc-azure-amd-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/bootc-azure-nvidia-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/bootc-gcp-nvidia-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/bootc-nvidia-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/instructlab-amd-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/instructlab-nvidia-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhelai1/pathservice-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhelai1/ui-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "rhoai/odh-data-science-pipelines-argo-argoexec-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/o-cloud-manager-operator-bundle",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/o-cloud-manager-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-aws-cluster-api-controllers-rhel8",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-aws-cluster-api-controllers-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-api-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-kube-cluster-api-rhel8-operator",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-kube-cluster-api-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-console",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-console-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-olm-rukpak-rhel8",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-olm-rukpak-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:devworkspace"
          ],
          "defaultStatus": "affected",
          "packageName": "devworkspace/devworkspace-operator-bundle",
          "product": "Red Hat OpenShift Dev Workspaces Operator",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:devworkspace"
          ],
          "defaultStatus": "affected",
          "packageName": "devworkspace/devworkspace-project-clone-rhel9",
          "product": "Red Hat OpenShift Dev Workspaces Operator",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:devworkspace"
          ],
          "defaultStatus": "affected",
          "packageName": "devworkspace/devworkspace-rhel9-operator",
          "product": "Red Hat OpenShift Dev Workspaces Operator",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:windows_machine_config"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4-wincw/windows-machine-config-operator-bundle",
          "product": "Red Hat OpenShift for Windows Containers",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:windows_machine_config"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4-wincw/windows-machine-config-rhel9-operator",
          "product": "Red Hat OpenShift for Windows Containers",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/argocd-rhel8",
          "product": "Red Hat OpenShift GitOps",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/argocd-rhel9",
          "product": "Red Hat OpenShift GitOps",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/argo-rollouts-rhel8",
          "product": "Red Hat OpenShift GitOps",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/gitops-rhel8",
          "product": "Red Hat OpenShift GitOps",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/cluster-network-addons-operator-rhel9",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "unknown",
          "packageName": "rhosp-rhel9/osp-director-agent",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "unknown",
          "packageName": "rhosp-rhel9/osp-director-downloader",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "unknown",
          "packageName": "rhosp-rhel9/osp-director-operator",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1"
          ],
          "defaultStatus": "unknown",
          "packageName": "rhosp-rhel9/osp-director-agent",
          "product": "Red Hat OpenStack Platform 17.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1"
          ],
          "defaultStatus": "unknown",
          "packageName": "rhosp-rhel9/osp-director-downloader",
          "product": "Red Hat OpenStack Platform 17.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1"
          ],
          "defaultStatus": "unknown",
          "packageName": "rhosp-rhel9/osp-director-operator",
          "product": "Red Hat OpenStack Platform 17.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_application_pipeline:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtap-task-runner/rhtap-task-runner-rhel9",
          "product": "Red Hat Trusted Application Pipeline",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/client-server-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/cosign-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/createctconfig-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/ctlog-managectroots-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/fulcio-createcerts-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/gitsign-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/trillian-createdb-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/tuf-server-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_profile_analyzer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtpa/rhtpa-guac-rhel9",
          "product": "Red Hat Trusted Profile Analyzer",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-10T21:18:33.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in CIRCL\u0027s implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-25T21:35:56.716Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-8556"
        },
        {
          "name": "RHBZ#2371624",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2371624"
        },
        {
          "url": "https://github.com/cloudflare/circl"
        },
        {
          "url": "https://github.com/cloudflare/circl/security/advisories/GHSA-2x5j-vhc8-9cwm"
        },
        {
          "url": "https://github.com/cloudflare/circl/tree/v1.6.1"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-11T00:00:46.556Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-10T21:18:33.000Z",
          "value": "Made public."
        }
      ],
      "title": "Github.com/cloudflare/circl: circl-fourq: missing and wrong validation can lead to incorrect results",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-1287: Improper Validation of Specified Type of Input"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-8556",
    "datePublished": "2025-08-06T08:48:17.946Z",
    "dateReserved": "2025-08-04T14:05:14.993Z",
    "dateUpdated": "2026-02-25T21:35:56.716Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-8556",
      "date": "2026-05-25",
      "epss": "0.00028",
      "percentile": "0.0843"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-8556\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2025-08-06T09:15:28.173\",\"lastModified\":\"2026-02-25T22:16:22.633\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in CIRCL\u0027s implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.\"},{\"lang\":\"es\",\"value\":\"Se detect\u00f3 una falla en la implementaci\u00f3n de la curva el\u00edptica FourQ de CIRCL. Esta vulnerabilidad permite a un atacante comprometer la seguridad de la sesi\u00f3n mediante la inyecci\u00f3n de puntos de orden inferior y una validaci\u00f3n incorrecta de puntos durante el intercambio de claves Diffie-Hellman.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":3.7,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1287\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-8556\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2371624\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://github.com/cloudflare/circl\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://github.com/cloudflare/circl/security/advisories/GHSA-2x5j-vhc8-9cwm\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://github.com/cloudflare/circl/tree/v1.6.1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://news.ycombinator.com/item?id=45669593\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.botanica.software/blog/cryptographic-issues-in-cloudflares-circl-fourq-implementation\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.botanica.software/blog/cryptographic-issues-in-cloudflares-circl-fourq-implementation\"}, {\"url\": \"https://news.ycombinator.com/item?id=45669593\"}], \"x_generator\": {\"engine\": \"ADPogram 0.0.1\"}, \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-10-22T21:03:52.780Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-8556\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-06T20:24:48.827225Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-06T20:24:55.922Z\"}}], \"cna\": {\"title\": \"Github.com/cloudflare/circl: circl-fourq: missing and wrong validation can lead to incorrect results\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Low\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 3.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.6.1\", \"versionType\": \"semver\"}], \"packageName\": \"circl\", \"collectionURL\": \"https://github.com/cloudflare/circl/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_builds:1\"], \"vendor\": \"Red Hat\", \"product\": \"Builds for Red Hat OpenShift\", \"packageName\": \"openshift-builds/openshift-builds-controller-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_builds:1\"], \"vendor\": \"Red Hat\", \"product\": \"Builds for Red Hat OpenShift\", \"packageName\": \"openshift-builds/openshift-builds-git-cloner-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_builds:1\"], \"vendor\": \"Red Hat\", \"product\": \"Builds for Red Hat OpenShift\", \"packageName\": \"openshift-builds/openshift-builds-image-bundler-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_builds:1\"], \"vendor\": \"Red Hat\", \"product\": \"Builds for Red Hat OpenShift\", \"packageName\": \"openshift-builds/openshift-builds-image-processing-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_builds:1\"], \"vendor\": \"Red Hat\", \"product\": \"Builds for Red Hat OpenShift\", \"packageName\": \"openshift-builds/openshift-builds-waiters-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_builds:1\"], \"vendor\": \"Red Hat\", \"product\": \"Builds for Red Hat OpenShift\", \"packageName\": \"openshift-builds/openshift-builds-webhook-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2\"], \"vendor\": \"Red Hat\", \"product\": \"Custom Metric Autoscaler operator for Red Hat Openshift\", \"packageName\": \"custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2\"], \"vendor\": \"Red Hat\", \"product\": \"Custom Metric Autoscaler operator for Red Hat Openshift\", \"packageName\": \"custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2\"], \"vendor\": \"Red Hat\", \"product\": \"Custom Metric Autoscaler operator for Red Hat Openshift\", \"packageName\": \"custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2\"], \"vendor\": \"Red Hat\", \"product\": \"Custom Metric Autoscaler operator for Red Hat Openshift\", \"packageName\": \"custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2\"], \"vendor\": \"Red Hat\", \"product\": \"Custom Metric Autoscaler operator for Red Hat Openshift\", \"packageName\": \"custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub\", \"packageName\": \"multicluster-globalhub/multicluster-globalhub-grafana-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-chains-controller-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-chains-controller-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-cli-tkn-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-cli-tkn-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-controller-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-controller-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-entrypoint-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-entrypoint-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-events-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-events-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-nop-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-nop-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-operator-bundle\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-operator-proxy-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-operator-proxy-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-operator-webhook-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-operator-webhook-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-resolvers-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-resolvers-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-rhel8-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-rhel9-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-sidecarlogresults-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-sidecarlogresults-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-webhook-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-webhook-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-workingdirinit-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"packageName\": \"openshift-pipelines/pipelines-workingdirinit-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"packageName\": \"openshift-serverless-1/kn-client-cli-artifacts-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"packageName\": \"openshift-serverless-1/kn-client-kn-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"packageName\": \"openshift-serverless-1/kn-plugin-event-sender-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"packageName\": \"openshift-serverless-1/kn-plugin-func-func-util-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 3\", \"packageName\": \"openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 3\", \"packageName\": \"openshift-service-mesh/istio-cni-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 3\", \"packageName\": \"openshift-service-mesh/istio-must-gather-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 3\", \"packageName\": \"openshift-service-mesh/istio-pilot-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 3\", \"packageName\": \"openshift-service-mesh/istio-proxyv2-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 3\", \"packageName\": \"openshift-service-mesh/istio-rhel9-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 3\", \"packageName\": \"openshift-service-mesh/istio-sail-operator-bundle\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"packageName\": \"flightctl\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"packageName\": \"rhacm2/acm-flightctl-api-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"packageName\": \"rhacm2/acm-flightctl-periodic-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"packageName\": \"rhacm2/acm-flightctl-worker-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"packageName\": \"rhacm2/acm-grafana-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"packageName\": \"rhacm2/multicluster-operators-subscription-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"packageName\": \"rhacm2/subctl-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"packageName\": \"rhacm2/volsync-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4\", \"packageName\": \"advanced-cluster-security/rhacs-central-db-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4\", \"packageName\": \"advanced-cluster-security/rhacs-main-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4\", \"packageName\": \"advanced-cluster-security/rhacs-rhel8-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4\", \"packageName\": \"advanced-cluster-security/rhacs-roxctl-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4\", \"packageName\": \"advanced-cluster-security/rhacs-scanner-db-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4\", \"packageName\": \"advanced-cluster-security/rhacs-scanner-db-slim-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4\", \"packageName\": \"advanced-cluster-security/rhacs-scanner-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4\", \"packageName\": \"advanced-cluster-security/rhacs-scanner-slim-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4\", \"packageName\": \"advanced-cluster-security/rhacs-scanner-v4-db-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4\", \"packageName\": \"advanced-cluster-security/rhacs-scanner-v4-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:5\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 5\", \"packageName\": \"rhceph/grafana-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:5\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 5\", \"packageName\": \"rhel9/grafana\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 6\", \"packageName\": \"rhceph/grafana-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 6\", \"packageName\": \"rhel9/grafana\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 8\", \"packageName\": \"rhceph/grafana-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 8\", \"packageName\": \"rhel9/grafana\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhdh:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Developer Hub\", \"packageName\": \"rhdh-orchestrator-dev-preview-beta/controller-rhel9-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhdh:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Developer Hub\", \"packageName\": \"rhdh-orchestrator-dev-preview-beta/orchestrator-operator-bundle\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager preview\", \"packageName\": \"flightctl\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager preview\", \"packageName\": \"rhacm2/acm-flightctl-api-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager preview\", \"packageName\": \"rhacm2/acm-flightctl-periodic-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager preview\", \"packageName\": \"rhacm2/acm-flightctl-worker-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager preview\", \"packageName\": \"rhem/flightctl-api-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager preview\", \"packageName\": \"rhem/flightctl-cli-artifacts-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager preview\", \"packageName\": \"rhem/flightctl-periodic-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager preview\", \"packageName\": \"rhem/flightctl-ui-ocp-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager preview\", \"packageName\": \"rhem/flightctl-ui-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager preview\", \"packageName\": \"rhem/flightctl-worker-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"rhel10/grafana\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"rhel9/grafana\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI)\", \"packageName\": \"rhelai1/bootc-amd-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI)\", \"packageName\": \"rhelai1/bootc-aws-nvidia-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI)\", \"packageName\": \"rhelai1/bootc-azure-amd-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI)\", \"packageName\": \"rhelai1/bootc-azure-nvidia-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI)\", \"packageName\": \"rhelai1/bootc-gcp-nvidia-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI)\", \"packageName\": \"rhelai1/bootc-nvidia-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI)\", \"packageName\": \"rhelai1/instructlab-amd-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI)\", \"packageName\": \"rhelai1/instructlab-nvidia-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI)\", \"packageName\": \"rhelai1/pathservice-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI)\", \"packageName\": \"rhelai1/ui-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"packageName\": \"rhoai/odh-data-science-pipelines-argo-argoexec-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"packageName\": \"rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/o-cloud-manager-operator-bundle\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/o-cloud-manager-rhel9-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/ose-aws-cluster-api-controllers-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/ose-aws-cluster-api-controllers-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/ose-cluster-api-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/ose-cluster-kube-cluster-api-rhel8-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/ose-cluster-kube-cluster-api-rhel9-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/ose-console\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/ose-console-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/ose-olm-rukpak-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"packageName\": \"openshift4/ose-olm-rukpak-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:devworkspace\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Workspaces Operator\", \"packageName\": \"devworkspace/devworkspace-operator-bundle\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:devworkspace\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Workspaces Operator\", \"packageName\": \"devworkspace/devworkspace-project-clone-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:devworkspace\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Workspaces Operator\", \"packageName\": \"devworkspace/devworkspace-rhel9-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:windows_machine_config\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift for Windows Containers\", \"packageName\": \"openshift4-wincw/windows-machine-config-operator-bundle\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:windows_machine_config\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift for Windows Containers\", \"packageName\": \"openshift4-wincw/windows-machine-config-rhel9-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_gitops:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift GitOps\", \"packageName\": \"openshift-gitops-1/argocd-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_gitops:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift GitOps\", \"packageName\": \"openshift-gitops-1/argocd-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_gitops:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift GitOps\", \"packageName\": \"openshift-gitops-1/argo-rollouts-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_gitops:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift GitOps\", \"packageName\": \"openshift-gitops-1/gitops-rhel8\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Virtualization 4\", \"packageName\": \"container-native-virtualization/cluster-network-addons-operator-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:16.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 16.2\", \"packageName\": \"rhosp-rhel9/osp-director-agent\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:16.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 16.2\", \"packageName\": \"rhosp-rhel9/osp-director-downloader\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:16.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 16.2\", \"packageName\": \"rhosp-rhel9/osp-director-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:17.1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 17.1\", \"packageName\": \"rhosp-rhel9/osp-director-agent\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:17.1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 17.1\", \"packageName\": \"rhosp-rhel9/osp-director-downloader\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:17.1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 17.1\", \"packageName\": \"rhosp-rhel9/osp-director-operator\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_application_pipeline:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Application Pipeline\", \"packageName\": \"rhtap-task-runner/rhtap-task-runner-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer\", \"packageName\": \"rhtas/client-server-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer\", \"packageName\": \"rhtas/cosign-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer\", \"packageName\": \"rhtas/createctconfig-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer\", \"packageName\": \"rhtas/ctlog-managectroots-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer\", \"packageName\": \"rhtas/fulcio-createcerts-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer\", \"packageName\": \"rhtas/gitsign-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer\", \"packageName\": \"rhtas/trillian-createdb-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer\", \"packageName\": \"rhtas/tuf-server-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_profile_analyzer:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Profile Analyzer\", \"packageName\": \"rhtpa/rhtpa-guac-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-06-11T00:00:46.556Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2025-06-10T21:18:33.000Z\", \"value\": \"Made public.\"}], \"datePublic\": \"2025-06-10T21:18:33.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2025-8556\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2371624\", \"name\": \"RHBZ#2371624\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://github.com/cloudflare/circl\"}, {\"url\": \"https://github.com/cloudflare/circl/security/advisories/GHSA-2x5j-vhc8-9cwm\"}, {\"url\": \"https://github.com/cloudflare/circl/tree/v1.6.1\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\"}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in CIRCL\u0027s implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1287\", \"description\": \"Improper Validation of Specified Type of Input\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2026-02-25T21:35:56.716Z\"}, \"x_redhatCweChain\": \"CWE-1287: Improper Validation of Specified Type of Input\"}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-8556\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-25T21:35:56.716Z\", \"dateReserved\": \"2025-08-04T14:05:14.993Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2025-08-06T08:48:17.946Z\", \"assignerShortName\": \"redhat\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.