Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-9277 (GCVE-0-2026-9277)
Vulnerability from cvelistv5 – Published: 2026-05-22 13:22 – Updated: 2026-05-23 03:04
VLAI
EPSS
Title
shell-quote `quote()` does not validate object-token shapes, allowing command injection via line terminators in `.op`
Summary
shell-quote's `quote()` function did not validate object-token inputs against the operator model used by `parse()`. The `.op` field was backslash-escaped character by character using `/(.)/g`, which in JavaScript does not match line terminators (\n, \r, U+2028, U+2029). A line terminator in `.op` therefore passed through unescaped into the output; POSIX shells treat a literal newline as a command separator, so any content after it would execute as a second command. The vulnerable code path is reachable in two ways: (1) direct construction of `{ op: '...\n...' }` from external input, and (2) via `parse(cmd, envFn)` when `envFn` returns object tokens whose `.op` is attacker-influenced. Both are documented API surface. Fixed by replacing the per-character escape with strict shape validation: `.op` must match the parser's control-operator allowlist; `{ op: 'glob', pattern }` validates `pattern` and forbids line terminators; `{ comment }` validates `comment` and forbids line terminators; any other object shape throws `TypeError`.
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
5 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| shell-quote |
Affected:
1.1.0 , < 1.8.4
(semver)
|
Credits
Akshat Sinha (@akshatgit)
Jordan Harband (@ljharb)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9277",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-22T14:17:31.964845Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T14:17:39.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-05-23T03:04:40.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/23/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.npmjs.com/package/shell-quote",
"defaultStatus": "unaffected",
"packageName": "shell-quote",
"product": "shell-quote",
"programFiles": [
"quote.js"
],
"repo": "https://github.com/ljharb/shell-quote",
"versions": [
{
"lessThan": "1.8.4",
"status": "affected",
"version": "1.1.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Akshat Sinha (@akshatgit)"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Jordan Harband (@ljharb)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eshell-quote\u0027s `quote()` function did not validate object-token inputs against the operator model used by `parse()`. The `.op` field was backslash-escaped character by character using `/(.)/g`, which in JavaScript does not match line terminators (\\n, \\r, U+2028, U+2029). A line terminator in `.op` therefore passed through unescaped into the output; POSIX shells treat a literal newline as a command separator, so any content after it would execute as a second command. The vulnerable code path is reachable in two ways: (1) direct construction of `{ op: \u0027...\\n...\u0027 }` from external input, and (2) via `parse(cmd, envFn)` when `envFn` returns object tokens whose `.op` is attacker-influenced. Both are documented API surface. Fixed by replacing the per-character escape with strict shape validation: `.op` must match the parser\u0027s control-operator allowlist; `{ op: \u0027glob\u0027, pattern }` validates `pattern` and forbids line terminators; `{ comment }` validates `comment` and forbids line terminators; any other object shape throws `TypeError`.\u003c/p\u003e"
}
],
"value": "shell-quote\u0027s `quote()` function did not validate object-token inputs against the operator model used by `parse()`. The `.op` field was backslash-escaped character by character using `/(.)/g`, which in JavaScript does not match line terminators (\\n, \\r, U+2028, U+2029). A line terminator in `.op` therefore passed through unescaped into the output; POSIX shells treat a literal newline as a command separator, so any content after it would execute as a second command. The vulnerable code path is reachable in two ways: (1) direct construction of `{ op: \u0027...\\n...\u0027 }` from external input, and (2) via `parse(cmd, envFn)` when `envFn` returns object tokens whose `.op` is attacker-influenced. Both are documented API surface. Fixed by replacing the per-character escape with strict shape validation: `.op` must match the parser\u0027s control-operator allowlist; `{ op: \u0027glob\u0027, pattern }` validates `pattern` and forbids line terminators; `{ comment }` validates `comment` and forbids line terminators; any other object shape throws `TypeError`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T13:22:38.873Z",
"orgId": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
"shortName": "harborist"
},
"references": [
{
"name": "GHSA-w7jw-789q-3m8p",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
},
{
"name": "Fix commit",
"tags": [
"patch"
],
"url": "https://github.com/ljharb/shell-quote/commit/1518179"
},
{
"tags": [
"product"
],
"url": "https://github.com/ljharb/shell-quote"
},
{
"tags": [
"product"
],
"url": "https://www.npmjs.com/package/shell-quote"
}
],
"source": {
"advisory": "GHSA-w7jw-789q-3m8p",
"discovery": "EXTERNAL"
},
"title": "shell-quote `quote()` does not validate object-token shapes, allowing command injection via line terminators in `.op`"
}
},
"cveMetadata": {
"assignerOrgId": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
"assignerShortName": "harborist",
"cveId": "CVE-2026-9277",
"datePublished": "2026-05-22T13:22:38.873Z",
"dateReserved": "2026-05-22T12:13:25.893Z",
"dateUpdated": "2026-05-23T03:04:40.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-9277",
"date": "2026-06-16",
"epss": "0.00552",
"percentile": "0.41619"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-9277\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-22T14:17:31.964845Z\"}}}], \"references\": [{\"url\": \"https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-22T14:17:25.193Z\"}}], \"cna\": {\"title\": \"shell-quote `quote()` does not validate object-token shapes, allowing command injection via line terminators in `.op`\", \"source\": {\"advisory\": \"GHSA-w7jw-789q-3m8p\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Akshat Sinha (@akshatgit)\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Jordan Harband (@ljharb)\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 9.2, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/ljharb/shell-quote\", \"product\": \"shell-quote\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.1.0\", \"lessThan\": \"1.8.4\", \"versionType\": \"semver\"}], \"packageName\": \"shell-quote\", \"programFiles\": [\"quote.js\"], \"collectionURL\": \"https://www.npmjs.com/package/shell-quote\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p\", \"name\": \"GHSA-w7jw-789q-3m8p\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/ljharb/shell-quote/commit/1518179\", \"name\": \"Fix commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/ljharb/shell-quote\", \"tags\": [\"product\"]}, {\"url\": \"https://www.npmjs.com/package/shell-quote\", \"tags\": [\"product\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"shell-quote\u0027s `quote()` function did not validate object-token inputs against the operator model used by `parse()`. The `.op` field was backslash-escaped character by character using `/(.)/g`, which in JavaScript does not match line terminators (\\\\n, \\\\r, U+2028, U+2029). A line terminator in `.op` therefore passed through unescaped into the output; POSIX shells treat a literal newline as a command separator, so any content after it would execute as a second command. The vulnerable code path is reachable in two ways: (1) direct construction of `{ op: \u0027...\\\\n...\u0027 }` from external input, and (2) via `parse(cmd, envFn)` when `envFn` returns object tokens whose `.op` is attacker-influenced. Both are documented API surface. Fixed by replacing the per-character escape with strict shape validation: `.op` must match the parser\u0027s control-operator allowlist; `{ op: \u0027glob\u0027, pattern }` validates `pattern` and forbids line terminators; `{ comment }` validates `comment` and forbids line terminators; any other object shape throws `TypeError`.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eshell-quote\u0027s `quote()` function did not validate object-token inputs against the operator model used by `parse()`. The `.op` field was backslash-escaped character by character using `/(.)/g`, which in JavaScript does not match line terminators (\\\\n, \\\\r, U+2028, U+2029). A line terminator in `.op` therefore passed through unescaped into the output; POSIX shells treat a literal newline as a command separator, so any content after it would execute as a second command. The vulnerable code path is reachable in two ways: (1) direct construction of `{ op: \u0027...\\\\n...\u0027 }` from external input, and (2) via `parse(cmd, envFn)` when `envFn` returns object tokens whose `.op` is attacker-influenced. Both are documented API surface. Fixed by replacing the per-character escape with strict shape validation: `.op` must match the parser\u0027s control-operator allowlist; `{ op: \u0027glob\u0027, pattern }` validates `pattern` and forbids line terminators; `{ comment }` validates `comment` and forbids line terminators; any other object shape throws `TypeError`.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-78\", \"description\": \"CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-77\", \"description\": \"CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"7ffcee3d-2c14-4c3e-b844-86c6a321a158\", \"shortName\": \"harborist\", \"dateUpdated\": \"2026-05-22T13:22:38.873Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-9277\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-22T14:17:39.549Z\", \"dateReserved\": \"2026-05-22T12:13:25.893Z\", \"assignerOrgId\": \"7ffcee3d-2c14-4c3e-b844-86c6a321a158\", \"datePublished\": \"2026-05-22T13:22:38.873Z\", \"assignerShortName\": \"harborist\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2026-9277
Vulnerability from fkie_nvd - Published: 2026-05-22 14:16 - Updated: 2026-05-23 04:16
Severity
Summary
shell-quote's `quote()` function did not validate object-token inputs against the operator model used by `parse()`. The `.op` field was backslash-escaped character by character using `/(.)/g`, which in JavaScript does not match line terminators (\n, \r, U+2028, U+2029). A line terminator in `.op` therefore passed through unescaped into the output; POSIX shells treat a literal newline as a command separator, so any content after it would execute as a second command. The vulnerable code path is reachable in two ways: (1) direct construction of `{ op: '...\n...' }` from external input, and (2) via `parse(cmd, envFn)` when `envFn` returns object tokens whose `.op` is attacker-influenced. Both are documented API surface. Fixed by replacing the per-character escape with strict shape validation: `.op` must match the parser's control-operator allowlist; `{ op: 'glob', pattern }` validates `pattern` and forbids line terminators; `{ comment }` validates `comment` and forbids line terminators; any other object shape throws `TypeError`.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "shell-quote\u0027s `quote()` function did not validate object-token inputs against the operator model used by `parse()`. The `.op` field was backslash-escaped character by character using `/(.)/g`, which in JavaScript does not match line terminators (\\n, \\r, U+2028, U+2029). A line terminator in `.op` therefore passed through unescaped into the output; POSIX shells treat a literal newline as a command separator, so any content after it would execute as a second command. The vulnerable code path is reachable in two ways: (1) direct construction of `{ op: \u0027...\\n...\u0027 }` from external input, and (2) via `parse(cmd, envFn)` when `envFn` returns object tokens whose `.op` is attacker-influenced. Both are documented API surface. Fixed by replacing the per-character escape with strict shape validation: `.op` must match the parser\u0027s control-operator allowlist; `{ op: \u0027glob\u0027, pattern }` validates `pattern` and forbids line terminators; `{ comment }` validates `comment` and forbids line terminators; any other object shape throws `TypeError`."
}
],
"id": "CVE-2026-9277",
"lastModified": "2026-05-23T04:16:40.053",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
"type": "Secondary"
}
]
},
"published": "2026-05-22T14:16:30.330",
"references": [
{
"source": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
"url": "https://github.com/ljharb/shell-quote"
},
{
"source": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
"url": "https://github.com/ljharb/shell-quote/commit/1518179"
},
{
"source": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
},
{
"source": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
"url": "https://www.npmjs.com/package/shell-quote"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2026/05/23/2"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
}
],
"sourceIdentifier": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
},
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
"type": "Secondary"
}
]
}
GHSA-W7JW-789Q-3M8P
Vulnerability from github – Published: 2026-06-09 14:27 – Updated: 2026-06-09 14:27
VLAI
Summary
shell-quote quote() does not escape newlines in object .op values
Details
Summary
shell-quote's quote() function did not validate object-token inputs against the operator model used by parse(). The .op field was backslash-escaped character by character using /(.)/g, which in JavaScript does not match line terminators (\n, \r, U+2028, U+2029). A line terminator in .op therefore passed through unescaped into the output; POSIX shells treat a literal \n as a command separator, so any content after it would execute as a second command.
The vulnerable code path is reachable in two ways. Neither requires the parser to misbehave — parse() only emits ops from a fixed control set — but both are documented API surface:
- Direct construction. A caller builds
{ op: '...\n...' }from external input (e.g. a deserialized argument array) and passes it toquote(). envFnreturn.parse(cmd, envFn)is documented to splice the return value ofenvFninto the result array when it is an object. An attacker-influenced data source consulted byenvFncan introduce an object token whose.opreachesquote().
Impact
Shell command injection in callers that pass object tokens with attacker-influenced .op values to quote() and then hand the result to a shell. The preconditions are narrower than ordinary string injection — they require the caller to feed object tokens into quote() — but object tokens are a public, documented part of the API surface, and quote() is intended to be a shell-safety boundary.
PoC
const { parse, quote } = require('shell-quote');
// Direct construction
quote([{ op: ';\nid' }]);
// → "\;\n\\i\\d" ← literal newline; second line executes as a command
// Via parse() with an envFn returning attacker-shaped objects
const tokens = parse('echo $X', () => ({ op: ';\nid' }));
require('child_process').execSync(quote(tokens), { shell: true });
// Executes `id` after `echo \;`.
Confirmed under sh, bash, dash, and zsh.
Patch
Fixed by replacing the per-character escape with strict shape validation in quote(). The object-token branch now:
{ op }—.opmust be a string from the same allowlist the parser emits (||,&&,;;,|&,<(,<<<,>>,>&,<&,&,;,(,),|,<,>). Anything else throwsTypeError. This is the direct fix for the reported issue and removes the entire class of.opinjection.{ op: 'glob', pattern }—.patternmust be a string with no line terminators. Glob metacharacters (*,?,[,],{,},,) pass through; all other shell-special characters are backslash-escaped. (Previously the pattern field was discarded entirely and the literal string\g\l\o\bwas emitted — a latent bug, not security-relevant.){ comment }—.commentmust be a string with no line terminators (line terminators would end the shell comment and resume command parsing — same injection shape).- Any other object shape —
TypeError.
The fix is allowlist-based rather than a targeted regex tweak, so it closes the reported vector and forecloses adjacent ones (U+2028 / U+2029 line separators in .op, line terminators in comments, unknown-shape objects coerced through .replace).
Workarounds
Prior to upgrading, callers that build object tokens from untrusted input should validate .op against the parser's operator set themselves, and never construct { op } from attacker-controlled strings.
Credits
Reported by Akshat Sinha
Severity
8.1 (High)
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.8.3"
},
"package": {
"ecosystem": "npm",
"name": "shell-quote"
},
"ranges": [
{
"events": [
{
"introduced": "1.1.0"
},
{
"fixed": "1.8.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-9277"
],
"database_specific": {
"cwe_ids": [
"CWE-77",
"CWE-78"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-09T14:27:15Z",
"nvd_published_at": "2026-05-22T14:16:30Z",
"severity": "CRITICAL"
},
"details": "### Summary\n\n`shell-quote`\u0027s `quote()` function did not validate object-token inputs against the operator model used by `parse()`. The `.op` field was backslash-escaped character by character using `/(.)/g`, which in JavaScript does not match line terminators (`\\n`, `\\r`, U+2028, U+2029). A line terminator in `.op` therefore passed through unescaped into the output; POSIX shells treat a literal `\\n` as a command separator, so any content after it would execute as a second command.\n\nThe vulnerable code path is reachable in two ways. Neither requires the parser to misbehave \u2014 `parse()` only emits ops from a fixed control set \u2014 but both are documented API surface:\n\n1. **Direct construction.** A caller builds `{ op: \u0027...\\n...\u0027 }` from external input (e.g. a deserialized argument array) and passes it to `quote()`.\n2. **`envFn` return.** `parse(cmd, envFn)` is documented to splice the return value of `envFn` into the result array when it is an object. An attacker-influenced data source consulted by `envFn` can introduce an object token whose `.op` reaches `quote()`.\n\n### Impact\n\nShell command injection in callers that pass object tokens with attacker-influenced `.op` values to `quote()` and then hand the result to a shell. The preconditions are narrower than ordinary string injection \u2014 they require the caller to feed object tokens into `quote()` \u2014 but object tokens are a public, documented part of the API surface, and `quote()` is intended to be a shell-safety boundary.\n\n### PoC\n\n```js\nconst { parse, quote } = require(\u0027shell-quote\u0027);\n\n// Direct construction\nquote([{ op: \u0027;\\nid\u0027 }]);\n// \u2192 \"\\;\\n\\\\i\\\\d\" \u2190 literal newline; second line executes as a command\n\n// Via parse() with an envFn returning attacker-shaped objects\nconst tokens = parse(\u0027echo $X\u0027, () =\u003e ({ op: \u0027;\\nid\u0027 }));\nrequire(\u0027child_process\u0027).execSync(quote(tokens), { shell: true });\n// Executes `id` after `echo \\;`.\n```\n\nConfirmed under `sh`, `bash`, `dash`, and `zsh`.\n\n### Patch\n\nFixed by replacing the per-character escape with strict shape validation in `quote()`. The object-token branch now:\n\n- **`{ op }`** \u2014 `.op` must be a string from the same allowlist the parser emits (`||`, `\u0026\u0026`, `;;`, `|\u0026`, `\u003c(`, `\u003c\u003c\u003c`, `\u003e\u003e`, `\u003e\u0026`, `\u003c\u0026`, `\u0026`, `;`, `(`, `)`, `|`, `\u003c`, `\u003e`). Anything else throws `TypeError`. This is the direct fix for the reported issue and removes the entire class of `.op` injection.\n- **`{ op: \u0027glob\u0027, pattern }`** \u2014 `.pattern` must be a string with no line terminators. Glob metacharacters (`*`, `?`, `[`, `]`, `{`, `}`, `,`) pass through; all other shell-special characters are backslash-escaped. (Previously the pattern field was discarded entirely and the literal string `\\g\\l\\o\\b` was emitted \u2014 a latent bug, not security-relevant.)\n- **`{ comment }`** \u2014 `.comment` must be a string with no line terminators (line terminators would end the shell comment and resume command parsing \u2014 same injection shape).\n- **Any other object shape** \u2014 `TypeError`.\n\nThe fix is allowlist-based rather than a targeted regex tweak, so it closes the reported vector and forecloses adjacent ones (U+2028 / U+2029 line separators in `.op`, line terminators in comments, unknown-shape objects coerced through `.replace`).\n\n### Workarounds\n\nPrior to upgrading, callers that build object tokens from untrusted input should validate `.op` against the parser\u0027s operator set themselves, and never construct `{ op }` from attacker-controlled strings.\n\n### Credits\n\nReported by Akshat Sinha",
"id": "GHSA-w7jw-789q-3m8p",
"modified": "2026-06-09T14:27:15Z",
"published": "2026-06-09T14:27:15Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277"
},
{
"type": "WEB",
"url": "https://github.com/ljharb/shell-quote/commit/1518179"
},
{
"type": "PACKAGE",
"url": "https://github.com/ljharb/shell-quote"
},
{
"type": "WEB",
"url": "https://www.npmjs.com/package/shell-quote"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/05/23/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "shell-quote quote() does not escape newlines in object .op values"
}
OPENSUSE-SU-2026:20839-1
Vulnerability from csaf_opensuse - Published: 2026-05-28 12:20 - Updated: 2026-05-28 12:20Summary
Security update for python-pytest-html
Severity
Important
Notes
Title of the patch: Security update for python-pytest-html
Description of the patch: This update for python-pytest-html fixes the following issues:
Changes in python-pytest-html:
- CVE-2026-9277: shell-quote: improper escaping of newlines (bsc#1266254)
Update the vendored shell-quote to 1.8.4 node_modules
Patchnames: openSUSE-Leap-16.0-packagehub-278
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:python313-pytest-html-4.1.1-bp160.2.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
References
6 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python-pytest-html",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for python-pytest-html fixes the following issues:\n\nChanges in python-pytest-html:\n\n- CVE-2026-9277: shell-quote: improper escaping of newlines (bsc#1266254)\n Update the vendored shell-quote to 1.8.4 node_modules\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-packagehub-278",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_20839-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1266254",
"url": "https://bugzilla.suse.com/1266254"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-9277 page",
"url": "https://www.suse.com/security/cve/CVE-2026-9277/"
}
],
"title": "Security update for python-pytest-html",
"tracking": {
"current_release_date": "2026-05-28T12:20:45Z",
"generator": {
"date": "2026-05-28T12:20:45Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:20839-1",
"initial_release_date": "2026-05-28T12:20:45Z",
"revision_history": [
{
"date": "2026-05-28T12:20:45Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python313-pytest-html-4.1.1-bp160.2.1.noarch",
"product": {
"name": "python313-pytest-html-4.1.1-bp160.2.1.noarch",
"product_id": "python313-pytest-html-4.1.1-bp160.2.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python313-pytest-html-4.1.1-bp160.2.1.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:python313-pytest-html-4.1.1-bp160.2.1.noarch"
},
"product_reference": "python313-pytest-html-4.1.1-bp160.2.1.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-9277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-9277"
}
],
"notes": [
{
"category": "general",
"text": "shell-quote\u0027s `quote()` function did not validate object-token inputs against the operator model used by `parse()`. The `.op` field was backslash-escaped character by character using `/(.)/g`, which in JavaScript does not match line terminators (\\n, \\r, U+2028, U+2029). A line terminator in `.op` therefore passed through unescaped into the output; POSIX shells treat a literal newline as a command separator, so any content after it would execute as a second command. The vulnerable code path is reachable in two ways: (1) direct construction of `{ op: \u0027...\\n...\u0027 }` from external input, and (2) via `parse(cmd, envFn)` when `envFn` returns object tokens whose `.op` is attacker-influenced. Both are documented API surface. Fixed by replacing the per-character escape with strict shape validation: `.op` must match the parser\u0027s control-operator allowlist; `{ op: \u0027glob\u0027, pattern }` validates `pattern` and forbids line terminators; `{ comment }` validates `comment` and forbids line terminators; any other object shape throws `TypeError`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:python313-pytest-html-4.1.1-bp160.2.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-9277",
"url": "https://www.suse.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "SUSE Bug 1266249 for CVE-2026-9277",
"url": "https://bugzilla.suse.com/1266249"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:python313-pytest-html-4.1.1-bp160.2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:python313-pytest-html-4.1.1-bp160.2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-28T12:20:45Z",
"details": "important"
}
],
"title": "CVE-2026-9277"
}
]
}
RHSA-2026:26072
Vulnerability from csaf_redhat - Published: 2026-06-15 21:28 - Updated: 2026-06-16 09:37Summary
Red Hat Security Advisory: Kiali 1.73.32 for Red Hat OpenShift Service Mesh 2.6
Severity
Important
Notes
Topic: Kiali 1.73.32 for Red Hat OpenShift Service Mesh 2.6 is now available.
An update is now available for Red Hat OpenShift Service Mesh 2.6. This advisory contains the RPM packages for the Kiali component.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Kiali 1.73.32, for Red Hat OpenShift Service Mesh 2.6, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.
Security Fix(es):
* CVE-2026-9277 openshift-service-mesh/kiali-rhel8: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (OSSM-13906)
* CVE-2026-9277 openshift-service-mesh/kiali-ossmc-rhel8: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (OSSM-13905)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.
8.1 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:1f41803cee88176e33d38072cdbbdee12a65ce3e277bcb86208589b15b8f5617_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:2e34b2e8093a73db6291d08f97c8d0024eae1501234d357106756b755c53c95f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:5e8c9a77b41e4fb0b2ce4efc8202e157a9cc10eee21e3faa7b8fe99a378bea11_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:b5519a778cabdcb0e5be55a7623494dd375531a0b1ecc6510b0bf2ae831ab171_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:0425fb2f7d03cb753a5320b4e0c5f37cb1475ca9b73f1a2dbff26c59f1729edf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:415828a4267fd071d4684ed15363916253441fd265e4fbc19eee79ae56af5e57_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:53ba9d76efb63ba3c173162e6077d6e6e69ab35f6729e8d398b5c5e710bdc282_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:9a87cf26aab9064de279d53d1d599a85f7e4d9a40c50ea6f427fd54e64c6379d_arm64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Kiali 1.73.32 for Red Hat OpenShift Service Mesh 2.6 is now available.\nAn update is now available for Red Hat OpenShift Service Mesh 2.6. This advisory contains the RPM packages for the Kiali component.\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Kiali 1.73.32, for Red Hat OpenShift Service Mesh 2.6, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.\n\nSecurity Fix(es):\n\n* CVE-2026-9277 openshift-service-mesh/kiali-rhel8: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (OSSM-13906)\n* CVE-2026-9277 openshift-service-mesh/kiali-ossmc-rhel8: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (OSSM-13905)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26072",
"url": "https://access.redhat.com/errata/RHSA-2026:26072"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9277",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26072.json"
}
],
"title": "Red Hat Security Advisory: Kiali 1.73.32 for Red Hat OpenShift Service Mesh 2.6",
"tracking": {
"current_release_date": "2026-06-16T09:37:11+00:00",
"generator": {
"date": "2026-06-16T09:37:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:26072",
"initial_release_date": "2026-06-15T21:28:41+00:00",
"revision_history": [
{
"date": "2026-06-15T21:28:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-15T21:28:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T09:37:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 2.6",
"product": {
"name": "Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:0425fb2f7d03cb753a5320b4e0c5f37cb1475ca9b73f1a2dbff26c59f1729edf_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:0425fb2f7d03cb753a5320b4e0c5f37cb1475ca9b73f1a2dbff26c59f1729edf_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:0425fb2f7d03cb753a5320b4e0c5f37cb1475ca9b73f1a2dbff26c59f1729edf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256%3A0425fb2f7d03cb753a5320b4e0c5f37cb1475ca9b73f1a2dbff26c59f1729edf?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1780916536"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:b5519a778cabdcb0e5be55a7623494dd375531a0b1ecc6510b0bf2ae831ab171_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:b5519a778cabdcb0e5be55a7623494dd375531a0b1ecc6510b0bf2ae831ab171_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:b5519a778cabdcb0e5be55a7623494dd375531a0b1ecc6510b0bf2ae831ab171_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256%3Ab5519a778cabdcb0e5be55a7623494dd375531a0b1ecc6510b0bf2ae831ab171?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1780907585"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:9a87cf26aab9064de279d53d1d599a85f7e4d9a40c50ea6f427fd54e64c6379d_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:9a87cf26aab9064de279d53d1d599a85f7e4d9a40c50ea6f427fd54e64c6379d_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:9a87cf26aab9064de279d53d1d599a85f7e4d9a40c50ea6f427fd54e64c6379d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256%3A9a87cf26aab9064de279d53d1d599a85f7e4d9a40c50ea6f427fd54e64c6379d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1780916536"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:2e34b2e8093a73db6291d08f97c8d0024eae1501234d357106756b755c53c95f_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:2e34b2e8093a73db6291d08f97c8d0024eae1501234d357106756b755c53c95f_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:2e34b2e8093a73db6291d08f97c8d0024eae1501234d357106756b755c53c95f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256%3A2e34b2e8093a73db6291d08f97c8d0024eae1501234d357106756b755c53c95f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1780907585"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:415828a4267fd071d4684ed15363916253441fd265e4fbc19eee79ae56af5e57_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:415828a4267fd071d4684ed15363916253441fd265e4fbc19eee79ae56af5e57_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:415828a4267fd071d4684ed15363916253441fd265e4fbc19eee79ae56af5e57_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256%3A415828a4267fd071d4684ed15363916253441fd265e4fbc19eee79ae56af5e57?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1780916536"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:1f41803cee88176e33d38072cdbbdee12a65ce3e277bcb86208589b15b8f5617_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:1f41803cee88176e33d38072cdbbdee12a65ce3e277bcb86208589b15b8f5617_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:1f41803cee88176e33d38072cdbbdee12a65ce3e277bcb86208589b15b8f5617_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256%3A1f41803cee88176e33d38072cdbbdee12a65ce3e277bcb86208589b15b8f5617?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1780907585"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:53ba9d76efb63ba3c173162e6077d6e6e69ab35f6729e8d398b5c5e710bdc282_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:53ba9d76efb63ba3c173162e6077d6e6e69ab35f6729e8d398b5c5e710bdc282_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:53ba9d76efb63ba3c173162e6077d6e6e69ab35f6729e8d398b5c5e710bdc282_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256%3A53ba9d76efb63ba3c173162e6077d6e6e69ab35f6729e8d398b5c5e710bdc282?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1780916536"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:5e8c9a77b41e4fb0b2ce4efc8202e157a9cc10eee21e3faa7b8fe99a378bea11_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:5e8c9a77b41e4fb0b2ce4efc8202e157a9cc10eee21e3faa7b8fe99a378bea11_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:5e8c9a77b41e4fb0b2ce4efc8202e157a9cc10eee21e3faa7b8fe99a378bea11_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256%3A5e8c9a77b41e4fb0b2ce4efc8202e157a9cc10eee21e3faa7b8fe99a378bea11?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1780907585"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:1f41803cee88176e33d38072cdbbdee12a65ce3e277bcb86208589b15b8f5617_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:1f41803cee88176e33d38072cdbbdee12a65ce3e277bcb86208589b15b8f5617_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:1f41803cee88176e33d38072cdbbdee12a65ce3e277bcb86208589b15b8f5617_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:2e34b2e8093a73db6291d08f97c8d0024eae1501234d357106756b755c53c95f_arm64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:2e34b2e8093a73db6291d08f97c8d0024eae1501234d357106756b755c53c95f_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:2e34b2e8093a73db6291d08f97c8d0024eae1501234d357106756b755c53c95f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:5e8c9a77b41e4fb0b2ce4efc8202e157a9cc10eee21e3faa7b8fe99a378bea11_s390x as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:5e8c9a77b41e4fb0b2ce4efc8202e157a9cc10eee21e3faa7b8fe99a378bea11_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:5e8c9a77b41e4fb0b2ce4efc8202e157a9cc10eee21e3faa7b8fe99a378bea11_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:b5519a778cabdcb0e5be55a7623494dd375531a0b1ecc6510b0bf2ae831ab171_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:b5519a778cabdcb0e5be55a7623494dd375531a0b1ecc6510b0bf2ae831ab171_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:b5519a778cabdcb0e5be55a7623494dd375531a0b1ecc6510b0bf2ae831ab171_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:0425fb2f7d03cb753a5320b4e0c5f37cb1475ca9b73f1a2dbff26c59f1729edf_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:0425fb2f7d03cb753a5320b4e0c5f37cb1475ca9b73f1a2dbff26c59f1729edf_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:0425fb2f7d03cb753a5320b4e0c5f37cb1475ca9b73f1a2dbff26c59f1729edf_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:415828a4267fd071d4684ed15363916253441fd265e4fbc19eee79ae56af5e57_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:415828a4267fd071d4684ed15363916253441fd265e4fbc19eee79ae56af5e57_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:415828a4267fd071d4684ed15363916253441fd265e4fbc19eee79ae56af5e57_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:53ba9d76efb63ba3c173162e6077d6e6e69ab35f6729e8d398b5c5e710bdc282_s390x as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:53ba9d76efb63ba3c173162e6077d6e6e69ab35f6729e8d398b5c5e710bdc282_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:53ba9d76efb63ba3c173162e6077d6e6e69ab35f6729e8d398b5c5e710bdc282_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:9a87cf26aab9064de279d53d1d599a85f7e4d9a40c50ea6f427fd54e64c6379d_arm64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:9a87cf26aab9064de279d53d1d599a85f7e4d9a40c50ea6f427fd54e64c6379d_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:9a87cf26aab9064de279d53d1d599a85f7e4d9a40c50ea6f427fd54e64c6379d_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-9277",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-05-22T14:01:14.427751+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:1f41803cee88176e33d38072cdbbdee12a65ce3e277bcb86208589b15b8f5617_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:2e34b2e8093a73db6291d08f97c8d0024eae1501234d357106756b755c53c95f_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:5e8c9a77b41e4fb0b2ce4efc8202e157a9cc10eee21e3faa7b8fe99a378bea11_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:b5519a778cabdcb0e5be55a7623494dd375531a0b1ecc6510b0bf2ae831ab171_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:0425fb2f7d03cb753a5320b4e0c5f37cb1475ca9b73f1a2dbff26c59f1729edf_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:415828a4267fd071d4684ed15363916253441fd265e4fbc19eee79ae56af5e57_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:53ba9d76efb63ba3c173162e6077d6e6e69ab35f6729e8d398b5c5e710bdc282_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:9a87cf26aab9064de279d53d1d599a85f7e4d9a40c50ea6f427fd54e64c6379d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "RHBZ#2480741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote",
"url": "https://github.com/ljharb/shell-quote"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/commit/1518179",
"url": "https://github.com/ljharb/shell-quote/commit/1518179"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p",
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/shell-quote",
"url": "https://www.npmjs.com/package/shell-quote"
}
],
"release_date": "2026-05-22T13:22:38.873000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-15T21:28:41+00:00",
"details": "See Kiali 1.73.32 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/service_mesh/service-mesh-2-x",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:1f41803cee88176e33d38072cdbbdee12a65ce3e277bcb86208589b15b8f5617_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:2e34b2e8093a73db6291d08f97c8d0024eae1501234d357106756b755c53c95f_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:5e8c9a77b41e4fb0b2ce4efc8202e157a9cc10eee21e3faa7b8fe99a378bea11_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:b5519a778cabdcb0e5be55a7623494dd375531a0b1ecc6510b0bf2ae831ab171_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:0425fb2f7d03cb753a5320b4e0c5f37cb1475ca9b73f1a2dbff26c59f1729edf_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:415828a4267fd071d4684ed15363916253441fd265e4fbc19eee79ae56af5e57_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:53ba9d76efb63ba3c173162e6077d6e6e69ab35f6729e8d398b5c5e710bdc282_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:9a87cf26aab9064de279d53d1d599a85f7e4d9a40c50ea6f427fd54e64c6379d_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26072"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:1f41803cee88176e33d38072cdbbdee12a65ce3e277bcb86208589b15b8f5617_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:2e34b2e8093a73db6291d08f97c8d0024eae1501234d357106756b755c53c95f_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:5e8c9a77b41e4fb0b2ce4efc8202e157a9cc10eee21e3faa7b8fe99a378bea11_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:b5519a778cabdcb0e5be55a7623494dd375531a0b1ecc6510b0bf2ae831ab171_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:0425fb2f7d03cb753a5320b4e0c5f37cb1475ca9b73f1a2dbff26c59f1729edf_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:415828a4267fd071d4684ed15363916253441fd265e4fbc19eee79ae56af5e57_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:53ba9d76efb63ba3c173162e6077d6e6e69ab35f6729e8d398b5c5e710bdc282_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:9a87cf26aab9064de279d53d1d599a85f7e4d9a40c50ea6f427fd54e64c6379d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators"
}
]
}
RHSA-2026:26077
Vulnerability from csaf_redhat - Published: 2026-06-15 22:11 - Updated: 2026-06-16 23:10Summary
Red Hat Security Advisory: Kiali 2.11.12 for Red Hat OpenShift Service Mesh 3.1
Severity
Important
Notes
Topic: Kiali 2.11.12 for Red Hat OpenShift Service Mesh 3.1 is now available.
An update is now available for Red Hat OpenShift Service Mesh 3.1. This advisory contains the RPM packages for the Kiali component.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Kiali 2.11.12, for Red Hat OpenShift Service Mesh 3.1, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.
Security Fix(es):
* CVE-2026-32281 redhat-user-workloads/kiali-3-1: Go crypto/x509: Denial of Service via inefficient certificate chain validation (ossm-13868)
* CVE-2026-9277 openshift-service-mesh/kiali-ossmc-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13909)
* CVE-2026-9277 openshift-service-mesh/kiali-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13913)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.
8.1 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:bf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
5.9 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:bf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432_arm64 | — |
Workaround
|
Threats
Impact
Moderate
References
22 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Kiali 2.11.12 for Red Hat OpenShift Service Mesh 3.1 is now available.\nAn update is now available for Red Hat OpenShift Service Mesh 3.1. This advisory contains the RPM packages for the Kiali component.\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Kiali 2.11.12, for Red Hat OpenShift Service Mesh 3.1, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.\n\nSecurity Fix(es):\n\n* CVE-2026-32281 redhat-user-workloads/kiali-3-1: Go crypto/x509: Denial of Service via inefficient certificate chain validation (ossm-13868)\n\n* CVE-2026-9277 openshift-service-mesh/kiali-ossmc-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13909)\n\n* CVE-2026-9277 openshift-service-mesh/kiali-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13913)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26077",
"url": "https://access.redhat.com/errata/RHSA-2026:26077"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9277",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26077.json"
}
],
"title": "Red Hat Security Advisory: Kiali 2.11.12 for Red Hat OpenShift Service Mesh 3.1",
"tracking": {
"current_release_date": "2026-06-16T23:10:10+00:00",
"generator": {
"date": "2026-06-16T23:10:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:26077",
"initial_release_date": "2026-06-15T22:11:01+00:00",
"revision_history": [
{
"date": "2026-06-15T22:11:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-15T22:11:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T23:10:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.1",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3Aa3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780916478"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780470706"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780916478"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:bf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:bf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:bf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3Abf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780470706"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780916478"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780470706"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780916478"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780470706"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:bf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:bf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:bf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-9277",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-05-22T14:01:14.427751+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:bf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "RHBZ#2480741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote",
"url": "https://github.com/ljharb/shell-quote"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/commit/1518179",
"url": "https://github.com/ljharb/shell-quote/commit/1518179"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p",
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/shell-quote",
"url": "https://www.npmjs.com/package/shell-quote"
}
],
"release_date": "2026-05-22T13:22:38.873000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-15T22:11:01+00:00",
"details": "See Kiali 2.11.12 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:bf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26077"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:bf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:bf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:bf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-15T22:11:01+00:00",
"details": "See Kiali 2.11.12 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26077"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:bf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:626653a4f6e9c2c047cfb66d1bdd667e4fdf8fdc3d84c3fc06defb19fe976958_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6d03aff1601a0380a8a8346ed8df9e032134d0ab4d6143ee93fd64e57971ee43_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:7e59e57089fb732a2053dc8b5aa5d83c944bf5e720ee874dec579ecb8bbdc630_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:bf317da1aa106f4ad08eae11a822fd5d4c81c698ce939e12055a7d5f639b6432_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dad7ea2d7bd1843dff0fbfbee9b6356a0d3356074966e2ad5eceb08a139ffae_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2b86f08b8e454f2b44cf38bf92b0146100960db8c21bf0145594428b0547de08_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:3dd39ad7ffcf143d82203f5de0cddb42834642dbcab56a27df78fbf1875d8039_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a3a6c4465595a52d7c9ec7acdde38dc655ae8aaf5af6925738da00ab2514dc6e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
}
]
}
RHSA-2026:26079
Vulnerability from csaf_redhat - Published: 2026-06-15 22:32 - Updated: 2026-06-16 23:10Summary
Red Hat Security Advisory: Kiali 2.17.9 for Red Hat OpenShift Service Mesh 3.2
Severity
Important
Notes
Topic: Kiali 2.17.9 for Red Hat OpenShift Service Mesh 3.2 is now available.
An update is now available for Red Hat OpenShift Service Mesh 3.2. This advisory contains the RPM packages for the Kiali component.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Kiali 2.17.9, for Red Hat OpenShift Service Mesh 3.2, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.
Security Fix(es):
* CVE-2026-32281 redhat-user-workloads/kiali-3-2: Go crypto/x509: Denial of Service via inefficient certificate chain validation (ossm-13869)
* CVE-2026-9277 openshift-service-mesh/kiali-ossmc-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13911)
* CVE-2026-9277 openshift-service-mesh/kiali-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13915)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.
8.1 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:dfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0_ppc64le | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
5.9 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:dfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661_ppc64le | — |
Workaround
|
Threats
Impact
Moderate
References
22 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Kiali 2.17.9 for Red Hat OpenShift Service Mesh 3.2 is now available.\nAn update is now available for Red Hat OpenShift Service Mesh 3.2. This advisory contains the RPM packages for the Kiali component.\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Kiali 2.17.9, for Red Hat OpenShift Service Mesh 3.2, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.\n\nSecurity Fix(es):\n\n* CVE-2026-32281 redhat-user-workloads/kiali-3-2: Go crypto/x509: Denial of Service via inefficient certificate chain validation (ossm-13869)\n\n* CVE-2026-9277 openshift-service-mesh/kiali-ossmc-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13911)\n\n* CVE-2026-9277 openshift-service-mesh/kiali-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13915)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26079",
"url": "https://access.redhat.com/errata/RHSA-2026:26079"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9277",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26079.json"
}
],
"title": "Red Hat Security Advisory: Kiali 2.17.9 for Red Hat OpenShift Service Mesh 3.2",
"tracking": {
"current_release_date": "2026-06-16T23:10:11+00:00",
"generator": {
"date": "2026-06-16T23:10:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:26079",
"initial_release_date": "2026-06-15T22:32:11+00:00",
"revision_history": [
{
"date": "2026-06-15T22:32:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-15T22:32:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T23:10:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.2",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780916392"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780470003"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3Aa55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780916392"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780470003"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:dfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:dfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:dfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3Adfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780916392"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780470003"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3Ad2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780916392"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780470003"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:dfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:dfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:dfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-9277",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-05-22T14:01:14.427751+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:dfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "RHBZ#2480741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote",
"url": "https://github.com/ljharb/shell-quote"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/commit/1518179",
"url": "https://github.com/ljharb/shell-quote/commit/1518179"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p",
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/shell-quote",
"url": "https://www.npmjs.com/package/shell-quote"
}
],
"release_date": "2026-05-22T13:22:38.873000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-15T22:32:11+00:00",
"details": "See Kiali 2.17.9 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:dfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26079"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:dfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:dfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-15T22:32:11+00:00",
"details": "See Kiali 2.17.9 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:dfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26079"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:dfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:053f62e9327d00cff42761b6329de9ad51aa991cb407ee93dfd264a119dcbedd_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2712fb5cb978d5670aa858a4bb6c9906d84913d7f8d7ea616ae90c531650bf84_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fa68ac996600468f6db141b2aae175fd74739def04b98b845733d172d3f484d_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:6fe037a6b9dbc97f43eca680b2b5a09fccfea561af01a82d1c55a53ce413a661_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:473a0b1d4381fe01222ed465cc311e6c7471322988d3f6a5efe9c884a3fbe008_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a55e8a19ef4ff99d5ddc68a92ce37373ccf1ff7d69bdcaffa07c8fe3bee5f3b5_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:d2be1e36684ba72d0245a864f82274003b0b26d7dfcb80cee88d116f6c0cb3cd_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:dfdb0cd01be7092f7338444876e89d92979381b602a4b38c10980ac3c1213fb0_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
}
]
}
RHSA-2026:26080
Vulnerability from csaf_redhat - Published: 2026-06-15 22:39 - Updated: 2026-06-16 23:10Summary
Red Hat Security Advisory: Kiali 2.4.18 for Red Hat OpenShift Service Mesh 3.0
Severity
Important
Notes
Topic: Kiali 2.4.18 for Red Hat OpenShift Service Mesh 3.0 is now available.
An update is now available for Red Hat OpenShift Service Mesh 3.0. This advisory contains the RPM packages for the Kiali component.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Kiali 2.4.18, for Red Hat OpenShift Service Mesh 3.0, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.
Security Fix(es):
* CVE-2026-32281 redhat-user-workloads/kiali-3-0: Go crypto/x509: Denial of Service via inefficient certificate chain validation (ossm-13867)
* CVE-2026-9277 openshift-service-mesh/kiali-ossmc-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13909)
* CVE-2026-9277 openshift-service-mesh/kiali-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13913)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.
8.1 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:cf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2_s390x | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
5.9 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:cf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1_ppc64le | — |
Workaround
|
Threats
Impact
Moderate
References
22 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Kiali 2.4.18 for Red Hat OpenShift Service Mesh 3.0 is now available.\nAn update is now available for Red Hat OpenShift Service Mesh 3.0. This advisory contains the RPM packages for the Kiali component.\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Kiali 2.4.18, for Red Hat OpenShift Service Mesh 3.0, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.\n\nSecurity Fix(es):\n\n* CVE-2026-32281 redhat-user-workloads/kiali-3-0: Go crypto/x509: Denial of Service via inefficient certificate chain validation (ossm-13867)\n\n* CVE-2026-9277 openshift-service-mesh/kiali-ossmc-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13909)\n\n* CVE-2026-9277 openshift-service-mesh/kiali-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13913)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26080",
"url": "https://access.redhat.com/errata/RHSA-2026:26080"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9277",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26080.json"
}
],
"title": "Red Hat Security Advisory: Kiali 2.4.18 for Red Hat OpenShift Service Mesh 3.0",
"tracking": {
"current_release_date": "2026-06-16T23:10:11+00:00",
"generator": {
"date": "2026-06-16T23:10:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:26080",
"initial_release_date": "2026-06-15T22:39:05+00:00",
"revision_history": [
{
"date": "2026-06-15T22:39:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-15T22:39:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T23:10:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.0",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780916345"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780470245"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3Aa54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780916345"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780470245"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780916345"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3Aac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780470245"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:cf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:cf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:cf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3Acf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780916345"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780470245"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:cf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:cf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:cf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-9277",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-05-22T14:01:14.427751+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:cf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "RHBZ#2480741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote",
"url": "https://github.com/ljharb/shell-quote"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/commit/1518179",
"url": "https://github.com/ljharb/shell-quote/commit/1518179"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p",
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/shell-quote",
"url": "https://www.npmjs.com/package/shell-quote"
}
],
"release_date": "2026-05-22T13:22:38.873000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-15T22:39:05+00:00",
"details": "See Kiali 2.4.18 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:cf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26080"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:cf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:cf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-15T22:39:05+00:00",
"details": "See Kiali 2.4.18 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:cf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:cf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:251fd9c3bfe135b9a7544c97c4169b36183a3b8c4c3b2255b772359f00e932e9_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:2f171572c72f05b82da40f74fd25cf479d693afb24477e15478d2b602b86bd16_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:4b98893e9a829922e0444f70b0011d1a9c8af3a08d6e48f6c87d752657db1c68_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:ac654a09e840d2e4d47ed77a70d29d5ca01d8d3fa8e8905b90cda4e4a77813f1_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:10a6ac2eebe2fbab2a2ab538687774d227dec3c4b87f4b283ac7fa1510b87288_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:2e2cde16b866b764d4191d0024b07f8517ee390fff35b4af0109356da7646495_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:a54f200ca82613a7c4a58b99e7f1b1dc1b0c9462e0a457f7c1c28a878ec8b8b9_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:cf6c0442d0aa7c3265a01f672723356aed640ad0a8ea4a197e106397e451fdb2_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
}
]
}
RHSA-2026:26090
Vulnerability from csaf_redhat - Published: 2026-06-15 23:27 - Updated: 2026-06-16 23:10Summary
Red Hat Security Advisory: Kiali 2.22.5 for Red Hat OpenShift Service Mesh 3.3
Severity
Important
Notes
Topic: Kiali 2.22.5 for Red Hat OpenShift Service Mesh 3.3 is now available.
An update is now available for Red Hat OpenShift Service Mesh 3.3. This advisory contains the RPM packages for the Kiali component.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Kiali 2.22.5, for Red Hat OpenShift Service Mesh 3.3, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.
Security Fix(es):
* CVE-2026-32281 Go crypto/x509: Denial of Service via inefficient certificate chain validation (OSSM-13870)
* CVE-2026-9277 openshift-service-mesh/kiali-ossmc-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13912)
* CVE-2026-9277 openshift-service-mesh/kiali-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13916)
* CVE-2026-44293 openshift-service-mesh/kiali-rhel9: protobufjs: Arbitrary code execution due to unsafe expression generation from crafted protobuf descriptors (ossm-13962)
* CVE-2026-44293 openshift-service-mesh/kiali-ossmc-rhel9: protobufjs: Arbitrary code execution due to unsafe expression generation from crafted protobuf descriptors (ossm-13963)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.
8.1 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64 | — |
Vendor Fix
fix
|
Known not affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64 | — |
Threats
Impact
Important
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
5.9 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in protobufjs, a library used to compile protobuf definitions into JavaScript functions. A remote attacker could exploit this vulnerability by providing a crafted descriptor that includes a non-string default value for a bytes field. This could lead to the generation of an unsafe expression within the toObject conversion function, ultimately allowing the attacker to execute arbitrary code.
7.1 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64 | — |
Workaround
|
Threats
Impact
Important
References
28 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Kiali 2.22.5 for Red Hat OpenShift Service Mesh 3.3 is now available.\nAn update is now available for Red Hat OpenShift Service Mesh 3.3. This advisory contains the RPM packages for the Kiali component.\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Kiali 2.22.5, for Red Hat OpenShift Service Mesh 3.3, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently.\n\nSecurity Fix(es):\n\n* CVE-2026-32281 Go crypto/x509: Denial of Service via inefficient certificate chain validation (OSSM-13870)\n\n* CVE-2026-9277 openshift-service-mesh/kiali-ossmc-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13912)\n\n* CVE-2026-9277 openshift-service-mesh/kiali-rhel9: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators (ossm-13916)\n\n* CVE-2026-44293 openshift-service-mesh/kiali-rhel9: protobufjs: Arbitrary code execution due to unsafe expression generation from crafted protobuf descriptors (ossm-13962)\n\n* CVE-2026-44293 openshift-service-mesh/kiali-ossmc-rhel9: protobufjs: Arbitrary code execution due to unsafe expression generation from crafted protobuf descriptors (ossm-13963)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26090",
"url": "https://access.redhat.com/errata/RHSA-2026:26090"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44293",
"url": "https://access.redhat.com/security/cve/CVE-2026-44293"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9277",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26090.json"
}
],
"title": "Red Hat Security Advisory: Kiali 2.22.5 for Red Hat OpenShift Service Mesh 3.3",
"tracking": {
"current_release_date": "2026-06-16T23:10:12+00:00",
"generator": {
"date": "2026-06-16T23:10:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:26090",
"initial_release_date": "2026-06-15T23:27:25+00:00",
"revision_history": [
{
"date": "2026-06-15T23:27:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-15T23:27:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T23:10:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.3",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.3::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780997438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-operator-bundle@sha256%3A2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-operator-bundle\u0026tag=1781006252"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3Af739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator\u0026tag=1780997314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780997382"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3Ab424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780997438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3Abe7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator\u0026tag=1780997314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780997382"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780997438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3A8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator\u0026tag=1780997314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3A8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780997382"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9@sha256%3A20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9\u0026tag=1780997438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel9-operator@sha256%3Ad1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator\u0026tag=1780997314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel9@sha256%3Acb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9\u0026tag=1780997382"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-9277",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-05-22T14:01:14.427751+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "RHBZ#2480741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote",
"url": "https://github.com/ljharb/shell-quote"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/commit/1518179",
"url": "https://github.com/ljharb/shell-quote/commit/1518179"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p",
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/shell-quote",
"url": "https://www.npmjs.com/package/shell-quote"
}
],
"release_date": "2026-05-22T13:22:38.873000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-15T23:27:25+00:00",
"details": "See Kiali 2.22.4 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26090"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-15T23:27:25+00:00",
"details": "See Kiali 2.22.4 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26090"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-44293",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-05-13T16:03:50.961609+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477104"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in protobufjs, a library used to compile protobuf definitions into JavaScript functions. A remote attacker could exploit this vulnerability by providing a crafted descriptor that includes a non-string default value for a bytes field. This could lead to the generation of an unsafe expression within the toObject conversion function, ultimately allowing the attacker to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobufjs: protobufjs: Arbitrary code execution due to unsafe expression generation from crafted protobuf descriptors",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw affecting Red Hat products that incorporate the protobufjs library. protobufjs is vulnerable to arbitrary code execution when compiling protobuf definitions into JavaScript. During generation of the toObject conversion function, a schema-controlled default value on a bytes field that is not a string can be emitted as unsafe JavaScript code. An attacker who can supply or influence the protobuf descriptor processed by the application (low privileges required) may achieve code execution in the Node.js process context. Fixed upstream in protobufjs 7.5.6 and 8.0.2. Affects Red Hat offerings that bundle protobufjs and process attacker-influenced protobuf schemas at runtime.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44293"
},
{
"category": "external",
"summary": "RHBZ#2477104",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477104"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44293",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44293"
},
{
"category": "external",
"summary": "https://github.com/protobufjs/protobuf.js/security/advisories/GHSA-66ff-xgx4-vchm",
"url": "https://github.com/protobufjs/protobuf.js/security/advisories/GHSA-66ff-xgx4-vchm"
}
],
"release_date": "2026-05-13T14:43:33.342000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-15T23:27:25+00:00",
"details": "See Kiali 2.22.4 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3/html/observability/kiali-operator-provided-by-red-hat",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26090"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-operator-bundle@sha256:2daadecfbd74f5117f1f201422e40873c3e282d4cfa7f68120b6cf20c0a25df5_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:26bfd90af1d7fb3787511dea26d5ea1368f07b145f85758d708bfa108abaec65_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:8211925df422ecce0ba43f8aed2299cf3a2cc1b04c68be59972bfee210f5f094_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:9504542a9e097ed2f7a2729883db5be8bbc9c8a5f776797bb0f4e145aee70ea3_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel9@sha256:cb4859594eb70bdbafb57c6559ef63ba5ad5f75661cf0863fe6f1c3e287326da_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:8450f54ec40626dccf2d7e31ff964fbfd9cb603b208f50e640e72933d568ef3e_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:be7aa341e43aed513489afd74dca73bd8470a9f49514792a74715bd198f6cb1d_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:d1f1ee9cc09c530e5e795e2e7ababbc3c9b6b6c1412944a73537c1a7d5cdea76_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9-operator@sha256:f739d6238e0822edb906a9b21cab46e47799daa0ac4be96b6678de52a9ecc0a2_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:0dbf34fe3dfa3ad05d3b4f0b31c6df5af681b6861dce5f1d5afda55172d624ef_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:20b191658314a61ccce8d4fd355f00c53e3899bb3d59eae1474105c012ddff8d_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:78d18c9e3add33c1d107c362ed7b5f8fd7662b69ae8b53ec2010584c25738746_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/kiali-rhel9@sha256:b424872f6a729439b1e01bc874496b91b9eedd9241186f2259592a0e4a215614_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "protobufjs: protobufjs: Arbitrary code execution due to unsafe expression generation from crafted protobuf descriptors"
}
]
}
RHSA-2026:26225
Vulnerability from csaf_redhat - Published: 2026-06-16 09:06 - Updated: 2026-06-16 22:00Summary
Red Hat Security Advisory: Technical preview of the satellite/iop-vulnerability-frontend-rhel9 container image
Severity
Important
Notes
Topic: A new satellite/iop-vulnerability-frontend-rhel9 container image is now available as a technical preview in the Red Hat container registry.
Details: Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, and configuration settings.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by crafting a malicious Uniform Resource Identifier (URI) that contains percent-encoded authority delimiters. The fast-uri library incorrectly decodes these delimiters during normalization and then re-emits them as raw separators, which can change the URI's intended authority. This issue allows applications that perform host allowlist checks, redirect validation, or outbound request routing to be steered to a different authority than specified, potentially bypassing security controls.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).
8.8 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in marked, a markdown parser and compiler. An unauthenticated attacker can exploit this Denial of Service (DoS) vulnerability by providing a specific 3-byte input sequence (a tab, a vertical tab, and a newline). This input triggers an infinite recursion loop during parsing, leading to unbounded memory allocation and causing the host Node.js application to crash due to Memory Exhaustion (OOM).
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application's core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.
8.2 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.
7.2 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution "Gadget" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
87 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new satellite/iop-vulnerability-frontend-rhel9 container image is now available as a technical preview in the Red Hat container registry.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, and configuration settings.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26225",
"url": "https://access.redhat.com/errata/RHSA-2026:26225"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-26996",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27904",
"url": "https://access.redhat.com/security/cve/CVE-2026-27904"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-41680",
"url": "https://access.redhat.com/security/cve/CVE-2026-41680"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42033",
"url": "https://access.redhat.com/security/cve/CVE-2026-42033"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42035",
"url": "https://access.redhat.com/security/cve/CVE-2026-42035"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42039",
"url": "https://access.redhat.com/security/cve/CVE-2026-42039"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42041",
"url": "https://access.redhat.com/security/cve/CVE-2026-42041"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42043",
"url": "https://access.redhat.com/security/cve/CVE-2026-42043"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42044",
"url": "https://access.redhat.com/security/cve/CVE-2026-42044"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-6322",
"url": "https://access.redhat.com/security/cve/CVE-2026-6322"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9277",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/software/containers/search",
"url": "https://catalog.redhat.com/software/containers/search"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_connected_network_environment/performing-additional-configuration-on-server_satellite#installing-and-configuring-red-hat-lightspeed-in-satellite",
"url": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_connected_network_environment/performing-additional-configuration-on-server_satellite#installing-and-configuring-red-hat-lightspeed-in-satellite"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_disconnected_network_environment/performing-additional-configuration#installing-and-configuring-red-hat-lightspeed-in-satellite",
"url": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.18/html/installing_satellite_server_in_a_disconnected_network_environment/performing-additional-configuration#installing-and-configuring-red-hat-lightspeed-in-satellite"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26225.json"
}
],
"title": "Red Hat Security Advisory: Technical preview of the satellite/iop-vulnerability-frontend-rhel9 container image",
"tracking": {
"current_release_date": "2026-06-16T22:00:29+00:00",
"generator": {
"date": "2026-06-16T22:00:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:26225",
"initial_release_date": "2026-06-16T09:06:09+00:00",
"revision_history": [
{
"date": "2026-06-16T09:06:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-16T09:06:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T22:00:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.18",
"product": {
"name": "Red Hat Satellite 6.18",
"product_id": "Red Hat Satellite 6.18",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.18::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64",
"product": {
"name": "registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64",
"product_id": "registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64",
"product_identification_helper": {
"purl": "pkg:oci/iop-vulnerability-frontend-rhel9@sha256%3A6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35?arch=amd64\u0026repository_url=registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9\u0026tag=1781032495"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64 as a component of Red Hat Satellite 6.18",
"product_id": "Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
},
"product_reference": "registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64",
"relates_to_product_reference": "Red Hat Satellite 6.18"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-6322",
"cwe": {
"id": "CWE-140",
"name": "Improper Neutralization of Delimiters"
},
"discovery_date": "2026-05-05T11:01:00.332189+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by crafting a malicious Uniform Resource Identifier (URI) that contains percent-encoded authority delimiters. The fast-uri library incorrectly decodes these delimiters during normalization and then re-emits them as raw separators, which can change the URI\u0027s intended authority. This issue allows applications that perform host allowlist checks, redirect validation, or outbound request routing to be steered to a different authority than specified, potentially bypassing security controls.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-uri: fast-uri: URI authority bypass due to improper delimiter handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-6322"
},
{
"category": "external",
"summary": "RHBZ#2466684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-6322",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc",
"url": "https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc"
}
],
"release_date": "2026-05-05T10:29:16.378000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:09+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26225"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fast-uri: fast-uri: URI authority bypass due to improper delimiter handling"
},
{
"cve": "CVE-2026-9277",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-05-22T14:01:14.427751+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "RHBZ#2480741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote",
"url": "https://github.com/ljharb/shell-quote"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/commit/1518179",
"url": "https://github.com/ljharb/shell-quote/commit/1518179"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p",
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/shell-quote",
"url": "https://www.npmjs.com/package/shell-quote"
}
],
"release_date": "2026-05-22T13:22:38.873000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:09+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26225"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators"
},
{
"cve": "CVE-2026-26996",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-20T04:01:11.896063+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441268"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: minimatch: Denial of Service via specially crafted glob patterns",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "RHBZ#2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5",
"url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26"
}
],
"release_date": "2026-02-20T03:05:21.105000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:09+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26225"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: minimatch: Denial of Service via specially crafted glob patterns"
},
{
"cve": "CVE-2026-27904",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-26T02:01:23.004531+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442922"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27904"
},
{
"category": "external",
"summary": "RHBZ#2442922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74"
}
],
"release_date": "2026-02-26T01:07:42.693000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:09+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26225"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions"
},
{
"cve": "CVE-2026-29063",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-06T19:00:57.982727+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "RHBZ#2445291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
"url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
}
],
"release_date": "2026-03-06T18:25:22.438000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:09+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26225"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
},
{
"cve": "CVE-2026-41680",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2026-04-24T18:01:07.534035+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461603"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in marked, a markdown parser and compiler. An unauthenticated attacker can exploit this Denial of Service (DoS) vulnerability by providing a specific 3-byte input sequence (a tab, a vertical tab, and a newline). This input triggers an infinite recursion loop during parsing, leading to unbounded memory allocation and causing the host Node.js application to crash due to Memory Exhaustion (OOM).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "marked: Marked: Denial of Service via specific input sequence",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41680"
},
{
"category": "external",
"summary": "RHBZ#2461603",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461603"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41680",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41680"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41680",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41680"
},
{
"category": "external",
"summary": "https://github.com/markedjs/marked/security/advisories/GHSA-6v9c-7cg6-27q7",
"url": "https://github.com/markedjs/marked/security/advisories/GHSA-6v9c-7cg6-27q7"
}
],
"release_date": "2026-04-24T17:26:27.847000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:09+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26225"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, Red Hat products that utilize the \u0027marked\u0027 library should be configured to process markdown content only from trusted sources. If markdown rendering is not a critical function, consider disabling or restricting its use within the application\u0027s configuration to reduce exposure.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "marked: Marked: Denial of Service via specific input sequence"
},
{
"cve": "CVE-2026-42033",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T18:01:20.937507+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461607"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42033"
},
{
"category": "external",
"summary": "RHBZ#2461607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461607"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42033",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf"
}
],
"release_date": "2026-04-24T17:36:44.132000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:09+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26225"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution"
},
{
"cve": "CVE-2026-42035",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T18:01:17.109481+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461606"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application\u0027s core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Arbitrary HTTP header injection via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42035"
},
{
"category": "external",
"summary": "RHBZ#2461606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42035",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42035"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9",
"url": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9"
}
],
"release_date": "2026-04-24T17:38:07.752000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:09+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26225"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "axios: Axios: Arbitrary HTTP header injection via prototype pollution"
},
{
"cve": "CVE-2026-42039",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-24T19:01:44.887156+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461630"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42039"
},
{
"category": "external",
"summary": "RHBZ#2461630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461630"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42039",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42039"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9",
"url": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9"
}
],
"release_date": "2026-04-24T18:01:30.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:09+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26225"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data"
},
{
"cve": "CVE-2026-42041",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:41.034289+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461629"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42041"
},
{
"category": "external",
"summary": "RHBZ#2461629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461629"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42041",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63",
"url": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63"
}
],
"release_date": "2026-04-24T17:55:30.036000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:09+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26225"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling"
},
{
"cve": "CVE-2026-42043",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-04-24T19:01:22.552379+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461626"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: NO_PROXY bypass via crafted URL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42043"
},
{
"category": "external",
"summary": "RHBZ#2461626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461626"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7"
}
],
"release_date": "2026-04-24T17:54:42.668000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:09+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26225"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: NO_PROXY bypass via crafted URL"
},
{
"cve": "CVE-2026-42044",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:13.418725+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution \"Gadget\" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42044"
},
{
"category": "external",
"summary": "RHBZ#2461624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42044",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
}
],
"release_date": "2026-04-24T17:49:49.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:06:09+00:00",
"details": "For Red Hat Lightspeed in Satellite installation see the Red Hat Satellite documentation.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26225"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Satellite 6.18:registry.redhat.io/satellite/iop-vulnerability-frontend-rhel9@sha256:6af0a58a2e872d0e59c61277af795867da59174f53969162e162e9acb4ca9c35_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget"
}
]
}
RHSA-2026:26234
Vulnerability from csaf_redhat - Published: 2026-06-16 09:33 - Updated: 2026-06-16 23:10Summary
Red Hat Security Advisory: Red Hat Developer Hub 1.9.5 release.
Severity
Important
Notes
Topic: Red Hat Developer Hub 1.9.5 has been released.
Details: Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by providing a specially crafted Uniform Resource Locator (URL) containing percent-encoded path separators and dot segments. Due to incorrect processing, fast-uri would decode these elements before proper normalization, leading to distinct URLs resolving to the same internal path. This could allow an attacker to bypass security policies that rely on path-based comparisons, potentially gaining unauthorized access to resources.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Threats
Impact
Important
A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by crafting a malicious Uniform Resource Identifier (URI) that contains percent-encoded authority delimiters. The fast-uri library incorrectly decodes these delimiters during normalization and then re-emits them as raw separators, which can change the URI's intended authority. This issue allows applications that perform host allowlist checks, redirect validation, or outbound request routing to be steered to a different authority than specified, potentially bypassing security controls.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Threats
Impact
Important
A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Threats
Impact
Important
A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. This vulnerability allows an attacker to escape the sandbox environment by exploiting the `inspect` function. Successful exploitation can lead to arbitrary code execution on the host system, compromising the integrity and confidentiality of the system.
8.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Threats
Impact
Important
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in protobufjs, a JavaScript (JS) library used for compiling protobuf definitions. A remote attacker with low privileges can exploit this vulnerability by injecting arbitrary code into the "type" fields of protobuf definitions. This malicious code will then execute during the object decoding process, leading to arbitrary code execution and potentially full system compromise.
8.8 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Threats
Impact
Important
A flaw was found in xmldom and @xmldom/xmldom, a JavaScript module for parsing and serializing XML. This vulnerability allows an attacker to inject malicious content into XML comments. By doing so, the attacker can prematurely close a comment and insert unauthorized XML elements into the final output. This could lead to the manipulation of data within the XML document.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the `xmldom` library, a JavaScript module for parsing XML documents. An attacker could exploit this vulnerability by providing a specially crafted, deeply nested XML document. This could lead to a Denial of Service (DoS) by causing the application to crash due to excessive recursion.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in xmldom and @xmldom/xmldom, a JavaScript library for parsing and serializing XML. This vulnerability allows an attacker to inject arbitrary XML markup into a document due to improper handling of DocumentType node fields during serialization. By crafting malicious input, an attacker can cause the XML serializer to prematurely terminate the DOCTYPE declaration, enabling the insertion of unauthorized content. This could lead to information disclosure or, in certain configurations, the execution of arbitrary code.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Threats
Impact
Important
A flaw was found in xmldom. A remote attacker can exploit this vulnerability by providing specially crafted processing instruction data. Due to improper validation of the processing instruction closing sequence, the attacker can terminate the instruction prematurely and inject arbitrary XML nodes into the serialized output. This can lead to data manipulation and integrity issues within applications that process the affected XML.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Threats
Impact
Important
A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application's core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Threats
Impact
Important
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.
8.2 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Threats
Impact
Important
A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.
7.2 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Threats
Impact
Important
A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution "Gadget" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in protobufjs, a library used to compile protobuf definitions into JavaScript functions. A remote attacker could exploit this vulnerability by providing a crafted descriptor that includes a non-string default value for a bytes field. This could lead to the generation of an unsafe expression within the toObject conversion function, ultimately allowing the attacker to execute arbitrary code.
7.1 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 | — |
Workaround
|
Threats
Impact
Important
References
140 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Developer Hub 1.9.5 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Developer Hub (RHDH) is Red Hat\u0027s enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26234",
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24781",
"url": "https://access.redhat.com/security/cve/CVE-2026-24781"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-41242",
"url": "https://access.redhat.com/security/cve/CVE-2026-41242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-41672",
"url": "https://access.redhat.com/security/cve/CVE-2026-41672"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-41673",
"url": "https://access.redhat.com/security/cve/CVE-2026-41673"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-41674",
"url": "https://access.redhat.com/security/cve/CVE-2026-41674"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-41675",
"url": "https://access.redhat.com/security/cve/CVE-2026-41675"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42033",
"url": "https://access.redhat.com/security/cve/CVE-2026-42033"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42035",
"url": "https://access.redhat.com/security/cve/CVE-2026-42035"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42039",
"url": "https://access.redhat.com/security/cve/CVE-2026-42039"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42041",
"url": "https://access.redhat.com/security/cve/CVE-2026-42041"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42043",
"url": "https://access.redhat.com/security/cve/CVE-2026-42043"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42044",
"url": "https://access.redhat.com/security/cve/CVE-2026-42044"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44293",
"url": "https://access.redhat.com/security/cve/CVE-2026-44293"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-6321",
"url": "https://access.redhat.com/security/cve/CVE-2026-6321"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-6322",
"url": "https://access.redhat.com/security/cve/CVE-2026-6322"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9277",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh",
"url": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh"
},
{
"category": "external",
"summary": "https://developers.redhat.com/rhdh/overview",
"url": "https://developers.redhat.com/rhdh/overview"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_developer_hub",
"url": "https://docs.redhat.com/en/documentation/red_hat_developer_hub"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-3128",
"url": "https://issues.redhat.com/browse/RHDHBUGS-3128"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26234.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Developer Hub 1.9.5 release.",
"tracking": {
"current_release_date": "2026-06-16T23:10:12+00:00",
"generator": {
"date": "2026-06-16T23:10:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:26234",
"initial_release_date": "2026-06-16T09:33:13+00:00",
"revision_history": [
{
"date": "2026-06-16T09:33:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-16T09:33:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T23:10:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Developer Hub 1.9",
"product": {
"name": "Red Hat Developer Hub 1.9",
"product_id": "Red Hat Developer Hub 1.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhdh:1.9::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Developer Hub"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-hub-rhel9@sha256%3Adca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e?arch=amd64\u0026repository_url=registry.redhat.io/rhdh/rhdh-hub-rhel9\u0026tag=1781187342"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-rhel9-operator@sha256%3A9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5?arch=amd64\u0026repository_url=registry.redhat.io/rhdh/rhdh-rhel9-operator\u0026tag=1781187028"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-operator-bundle@sha256%3Adac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb?arch=amd64\u0026repository_url=registry.redhat.io/rhdh/rhdh-operator-bundle\u0026tag=1781191254"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64 as a component of Red Hat Developer Hub 1.9",
"product_id": "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64 as a component of Red Hat Developer Hub 1.9",
"product_id": "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64 as a component of Red Hat Developer Hub 1.9",
"product_id": "Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-6321",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-05-04T20:01:14.938426+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466582"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by providing a specially crafted Uniform Resource Locator (URL) containing percent-encoded path separators and dot segments. Due to incorrect processing, fast-uri would decode these elements before proper normalization, leading to distinct URLs resolving to the same internal path. This could allow an attacker to bypass security policies that rely on path-based comparisons, potentially gaining unauthorized access to resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-uri: fast-uri: Path traversal vulnerability allows bypass of security policies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-6321"
},
{
"category": "external",
"summary": "RHBZ#2466582",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466582"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-6321",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6321"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6321",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6321"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6",
"url": "https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6"
}
],
"release_date": "2026-05-04T19:31:57.253000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fast-uri: fast-uri: Path traversal vulnerability allows bypass of security policies"
},
{
"cve": "CVE-2026-6322",
"cwe": {
"id": "CWE-140",
"name": "Improper Neutralization of Delimiters"
},
"discovery_date": "2026-05-05T11:01:00.332189+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by crafting a malicious Uniform Resource Identifier (URI) that contains percent-encoded authority delimiters. The fast-uri library incorrectly decodes these delimiters during normalization and then re-emits them as raw separators, which can change the URI\u0027s intended authority. This issue allows applications that perform host allowlist checks, redirect validation, or outbound request routing to be steered to a different authority than specified, potentially bypassing security controls.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-uri: fast-uri: URI authority bypass due to improper delimiter handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-6322"
},
{
"category": "external",
"summary": "RHBZ#2466684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-6322",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc",
"url": "https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc"
}
],
"release_date": "2026-05-05T10:29:16.378000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fast-uri: fast-uri: URI authority bypass due to improper delimiter handling"
},
{
"cve": "CVE-2026-9277",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-05-22T14:01:14.427751+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480741"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the shell-quote component. The quote() function did not properly validate object-token inputs, allowing line terminators to pass unescaped into the output. A remote attacker could exploit this vulnerability by providing specially crafted input, which a POSIX shell would interpret as a command separator. This could lead to command injection, enabling the attacker to execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9277"
},
{
"category": "external",
"summary": "RHBZ#2480741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480741"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9277"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote",
"url": "https://github.com/ljharb/shell-quote"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/commit/1518179",
"url": "https://github.com/ljharb/shell-quote/commit/1518179"
},
{
"category": "external",
"summary": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p",
"url": "https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/shell-quote",
"url": "https://www.npmjs.com/package/shell-quote"
}
],
"release_date": "2026-05-22T13:22:38.873000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators"
},
{
"cve": "CVE-2026-24781",
"cwe": {
"id": "CWE-653",
"name": "Improper Isolation or Compartmentalization"
},
"discovery_date": "2026-05-04T19:03:41.437468+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466531"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. This vulnerability allows an attacker to escape the sandbox environment by exploiting the `inspect` function. Successful exploitation can lead to arbitrary code execution on the host system, compromising the integrity and confidentiality of the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vm2: vm2: Arbitrary code execution via sandbox breakout through inspect function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24781"
},
{
"category": "external",
"summary": "RHBZ#2466531",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466531"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24781",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24781"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24781",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24781"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/commit/8d30d93213c1898b3e035298b89a814970dd1189",
"url": "https://github.com/patriksimek/vm2/commit/8d30d93213c1898b3e035298b89a814970dd1189"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/commit/bdd3d15e57bc4ec5e70365cd79f7cb0256e5f88c",
"url": "https://github.com/patriksimek/vm2/commit/bdd3d15e57bc4ec5e70365cd79f7cb0256e5f88c"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/commit/fd266d084e0a3322d0f71ba2a8dc4c96cd030228",
"url": "https://github.com/patriksimek/vm2/commit/fd266d084e0a3322d0f71ba2a8dc4c96cd030228"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/releases/tag/v3.11.0",
"url": "https://github.com/patriksimek/vm2/releases/tag/v3.11.0"
},
{
"category": "external",
"summary": "https://github.com/patriksimek/vm2/security/advisories/GHSA-v37h-5mfm-c47c",
"url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-v37h-5mfm-c47c"
}
],
"release_date": "2026-05-04T16:33:32.869000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vm2: vm2: Arbitrary code execution via sandbox breakout through inspect function"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-41242",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-04-18T17:00:50.677423+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2459442"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in protobufjs, a JavaScript (JS) library used for compiling protobuf definitions. A remote attacker with low privileges can exploit this vulnerability by injecting arbitrary code into the \"type\" fields of protobuf definitions. This malicious code will then execute during the object decoding process, leading to arbitrary code execution and potentially full system compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobufjs: protobufjs: Arbitrary code execution via injected protobuf definition type fields",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41242"
},
{
"category": "external",
"summary": "RHBZ#2459442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2459442"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41242"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41242",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41242"
},
{
"category": "external",
"summary": "https://github.com/protobufjs/protobuf.js/commit/535df444ac060243722ac5d672db205e5c531d75",
"url": "https://github.com/protobufjs/protobuf.js/commit/535df444ac060243722ac5d672db205e5c531d75"
},
{
"category": "external",
"summary": "https://github.com/protobufjs/protobuf.js/commit/ff7b2afef8754837cc6dc64c864cd111ab477956",
"url": "https://github.com/protobufjs/protobuf.js/commit/ff7b2afef8754837cc6dc64c864cd111ab477956"
},
{
"category": "external",
"summary": "https://github.com/protobufjs/protobuf.js/releases/tag/protobufjs-v7.5.5",
"url": "https://github.com/protobufjs/protobuf.js/releases/tag/protobufjs-v7.5.5"
},
{
"category": "external",
"summary": "https://github.com/protobufjs/protobuf.js/releases/tag/protobufjs-v8.0.1",
"url": "https://github.com/protobufjs/protobuf.js/releases/tag/protobufjs-v8.0.1"
},
{
"category": "external",
"summary": "https://github.com/protobufjs/protobuf.js/security/advisories/GHSA-xq3m-2v4x-88gg",
"url": "https://github.com/protobufjs/protobuf.js/security/advisories/GHSA-xq3m-2v4x-88gg"
}
],
"release_date": "2026-04-18T16:18:10.652000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "protobufjs: protobufjs: Arbitrary code execution via injected protobuf definition type fields"
},
{
"cve": "CVE-2026-41672",
"cwe": {
"id": "CWE-91",
"name": "XML Injection (aka Blind XPath Injection)"
},
"discovery_date": "2026-05-07T05:02:05.372643+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in xmldom and @xmldom/xmldom, a JavaScript module for parsing and serializing XML. This vulnerability allows an attacker to inject malicious content into XML comments. By doing so, the attacker can prematurely close a comment and insert unauthorized XML elements into the final output. This could lead to the manipulation of data within the XML document.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xmldom: @xmldom/xmldom: xmldom: Arbitrary XML Node Injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41672"
},
{
"category": "external",
"summary": "RHBZ#2467631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41672",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41672"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41672",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41672"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/commit/b397540889086da868c30c366ad5c220d1a750c7",
"url": "https://github.com/xmldom/xmldom/commit/b397540889086da868c30c366ad5c220d1a750c7"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/commit/fda7cc313de30243fea35cada64e0bb12099c2a1",
"url": "https://github.com/xmldom/xmldom/commit/fda7cc313de30243fea35cada64e0bb12099c2a1"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/pull/987",
"url": "https://github.com/xmldom/xmldom/pull/987"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/releases/tag/0.8.13",
"url": "https://github.com/xmldom/xmldom/releases/tag/0.8.13"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/releases/tag/0.9.10",
"url": "https://github.com/xmldom/xmldom/releases/tag/0.9.10"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/security/advisories/GHSA-j759-j44w-7fr8",
"url": "https://github.com/xmldom/xmldom/security/advisories/GHSA-j759-j44w-7fr8"
}
],
"release_date": "2026-05-07T03:36:16.914000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xmldom: @xmldom/xmldom: xmldom: Arbitrary XML Node Injection"
},
{
"cve": "CVE-2026-41673",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-05-07T05:02:01.500444+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467630"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `xmldom` library, a JavaScript module for parsing XML documents. An attacker could exploit this vulnerability by providing a specially crafted, deeply nested XML document. This could lead to a Denial of Service (DoS) by causing the application to crash due to excessive recursion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "@xmldom/xmldom: xmldom: xmldom: Denial of Service via deeply nested XML documents",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41673"
},
{
"category": "external",
"summary": "RHBZ#2467630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467630"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41673",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41673"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/commit/17678a2a73ecbd1a2da90f3d47dc23da9cef81aa",
"url": "https://github.com/xmldom/xmldom/commit/17678a2a73ecbd1a2da90f3d47dc23da9cef81aa"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/commit/291257493cb0eb6980eda83b162a9c4e6d7d2597",
"url": "https://github.com/xmldom/xmldom/commit/291257493cb0eb6980eda83b162a9c4e6d7d2597"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/commit/2d6d6916ed8a4c223db1f6d7560ab4544c465b0f",
"url": "https://github.com/xmldom/xmldom/commit/2d6d6916ed8a4c223db1f6d7560ab4544c465b0f"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/commit/430357c7b6333108856e917bf2367afe5ceb6f8a",
"url": "https://github.com/xmldom/xmldom/commit/430357c7b6333108856e917bf2367afe5ceb6f8a"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/commit/4845ef109221df0890825de2822fbe77afba3afe",
"url": "https://github.com/xmldom/xmldom/commit/4845ef109221df0890825de2822fbe77afba3afe"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/commit/8834218c85ac2a4d757b9587c9028e67c2f7b6c3",
"url": "https://github.com/xmldom/xmldom/commit/8834218c85ac2a4d757b9587c9028e67c2f7b6c3"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/commit/8b7cfd1491314abdc347261921d7334ff15f7112",
"url": "https://github.com/xmldom/xmldom/commit/8b7cfd1491314abdc347261921d7334ff15f7112"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/commit/b0620383abc1df067f3ce1014c43ae1bc1161eeb",
"url": "https://github.com/xmldom/xmldom/commit/b0620383abc1df067f3ce1014c43ae1bc1161eeb"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/commit/e6edcab6bef5bcdba0b220bb35442aa72f452b84",
"url": "https://github.com/xmldom/xmldom/commit/e6edcab6bef5bcdba0b220bb35442aa72f452b84"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/releases/tag/0.8.13",
"url": "https://github.com/xmldom/xmldom/releases/tag/0.8.13"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/releases/tag/0.9.10",
"url": "https://github.com/xmldom/xmldom/releases/tag/0.9.10"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/security/advisories/GHSA-2v35-w6hq-6mfw",
"url": "https://github.com/xmldom/xmldom/security/advisories/GHSA-2v35-w6hq-6mfw"
}
],
"release_date": "2026-05-07T03:40:28.378000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "@xmldom/xmldom: xmldom: xmldom: Denial of Service via deeply nested XML documents"
},
{
"cve": "CVE-2026-41674",
"cwe": {
"id": "CWE-91",
"name": "XML Injection (aka Blind XPath Injection)"
},
"discovery_date": "2026-05-07T05:01:25.803044+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467620"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in xmldom and @xmldom/xmldom, a JavaScript library for parsing and serializing XML. This vulnerability allows an attacker to inject arbitrary XML markup into a document due to improper handling of DocumentType node fields during serialization. By crafting malicious input, an attacker can cause the XML serializer to prematurely terminate the DOCTYPE declaration, enabling the insertion of unauthorized content. This could lead to information disclosure or, in certain configurations, the execution of arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xmldom: xmldom: Arbitrary XML markup injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41674"
},
{
"category": "external",
"summary": "RHBZ#2467620",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467620"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41674",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41674"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41674",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41674"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/commit/372008f9ae0e20fd69f761c7b79e202598267314",
"url": "https://github.com/xmldom/xmldom/commit/372008f9ae0e20fd69f761c7b79e202598267314"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/releases/tag/0.8.13",
"url": "https://github.com/xmldom/xmldom/releases/tag/0.8.13"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/releases/tag/0.9.10",
"url": "https://github.com/xmldom/xmldom/releases/tag/0.9.10"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/security/advisories/GHSA-f6ww-3ggp-fr8h",
"url": "https://github.com/xmldom/xmldom/security/advisories/GHSA-f6ww-3ggp-fr8h"
}
],
"release_date": "2026-05-07T03:47:51.140000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xmldom: xmldom: Arbitrary XML markup injection"
},
{
"cve": "CVE-2026-41675",
"cwe": {
"id": "CWE-91",
"name": "XML Injection (aka Blind XPath Injection)"
},
"discovery_date": "2026-05-07T05:01:58.399809+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467629"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in xmldom. A remote attacker can exploit this vulnerability by providing specially crafted processing instruction data. Due to improper validation of the processing instruction closing sequence, the attacker can terminate the instruction prematurely and inject arbitrary XML nodes into the serialized output. This can lead to data manipulation and integrity issues within applications that process the affected XML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xmldom: xmldom: Arbitrary XML node injection via crafted processing instructions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41675"
},
{
"category": "external",
"summary": "RHBZ#2467629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467629"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41675",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41675"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41675",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41675"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/commit/7207a4b0e0bcc228868075ed991665ef9f73b1c2",
"url": "https://github.com/xmldom/xmldom/commit/7207a4b0e0bcc228868075ed991665ef9f73b1c2"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/releases/tag/0.8.13",
"url": "https://github.com/xmldom/xmldom/releases/tag/0.8.13"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/releases/tag/0.9.10",
"url": "https://github.com/xmldom/xmldom/releases/tag/0.9.10"
},
{
"category": "external",
"summary": "https://github.com/xmldom/xmldom/security/advisories/GHSA-x6wf-f3px-wcqx",
"url": "https://github.com/xmldom/xmldom/security/advisories/GHSA-x6wf-f3px-wcqx"
}
],
"release_date": "2026-05-07T03:49:34.056000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xmldom: xmldom: Arbitrary XML node injection via crafted processing instructions"
},
{
"cve": "CVE-2026-42033",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T18:01:20.937507+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461607"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42033"
},
{
"category": "external",
"summary": "RHBZ#2461607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461607"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42033",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf"
}
],
"release_date": "2026-04-24T17:36:44.132000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution"
},
{
"cve": "CVE-2026-42035",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T18:01:17.109481+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461606"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application\u0027s core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Arbitrary HTTP header injection via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42035"
},
{
"category": "external",
"summary": "RHBZ#2461606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42035",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42035"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9",
"url": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9"
}
],
"release_date": "2026-04-24T17:38:07.752000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "axios: Axios: Arbitrary HTTP header injection via prototype pollution"
},
{
"cve": "CVE-2026-42039",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-24T19:01:44.887156+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461630"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42039"
},
{
"category": "external",
"summary": "RHBZ#2461630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461630"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42039",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42039"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9",
"url": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9"
}
],
"release_date": "2026-04-24T18:01:30.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data"
},
{
"cve": "CVE-2026-42041",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:41.034289+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461629"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42041"
},
{
"category": "external",
"summary": "RHBZ#2461629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461629"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42041",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63",
"url": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63"
}
],
"release_date": "2026-04-24T17:55:30.036000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling"
},
{
"cve": "CVE-2026-42043",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-04-24T19:01:22.552379+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461626"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: NO_PROXY bypass via crafted URL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42043"
},
{
"category": "external",
"summary": "RHBZ#2461626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461626"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7"
}
],
"release_date": "2026-04-24T17:54:42.668000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: NO_PROXY bypass via crafted URL"
},
{
"cve": "CVE-2026-42044",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:13.418725+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution \"Gadget\" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42044"
},
{
"category": "external",
"summary": "RHBZ#2461624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42044",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
}
],
"release_date": "2026-04-24T17:49:49.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget"
},
{
"cve": "CVE-2026-44293",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-05-13T16:03:50.961609+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477104"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in protobufjs, a library used to compile protobuf definitions into JavaScript functions. A remote attacker could exploit this vulnerability by providing a crafted descriptor that includes a non-string default value for a bytes field. This could lead to the generation of an unsafe expression within the toObject conversion function, ultimately allowing the attacker to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobufjs: protobufjs: Arbitrary code execution due to unsafe expression generation from crafted protobuf descriptors",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw affecting Red Hat products that incorporate the protobufjs library. protobufjs is vulnerable to arbitrary code execution when compiling protobuf definitions into JavaScript. During generation of the toObject conversion function, a schema-controlled default value on a bytes field that is not a string can be emitted as unsafe JavaScript code. An attacker who can supply or influence the protobuf descriptor processed by the application (low privileges required) may achieve code execution in the Node.js process context. Fixed upstream in protobufjs 7.5.6 and 8.0.2. Affects Red Hat offerings that bundle protobufjs and process attacker-influenced protobuf schemas at runtime.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44293"
},
{
"category": "external",
"summary": "RHBZ#2477104",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477104"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44293",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44293"
},
{
"category": "external",
"summary": "https://github.com/protobufjs/protobuf.js/security/advisories/GHSA-66ff-xgx4-vchm",
"url": "https://github.com/protobufjs/protobuf.js/security/advisories/GHSA-66ff-xgx4-vchm"
}
],
"release_date": "2026-05-13T14:43:33.342000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-16T09:33:13+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26234"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:dca74b10e54c6598ef2f8d962f677895ee6ca745778f0f5db25e0ebfe443990e_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:dac8b7c19b9bf59aa6df97828ae6955252ba45246d1597cd2cf46c028dfce4fb_amd64",
"Red Hat Developer Hub 1.9:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:9e95e1183f47b0f9aa439bdb408a0ccdf87b72cefe704abad0c7e9a90bd607f5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "protobufjs: protobufjs: Arbitrary code execution due to unsafe expression generation from crafted protobuf descriptors"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…