Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-66506 (GCVE-0-2025-66506)
Vulnerability from cvelistv5 – Published: 2025-12-04 22:04 – Updated: 2025-12-05 15:32- CWE-405 - Asymmetric Resource Consumption (Amplification)
| URL | Tags |
|---|---|
| https://github.com/sigstore/fulcio/security/advis… | x_refsource_CONFIRM |
| https://github.com/sigstore/fulcio/commit/765a0e5… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66506",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-05T15:32:15.086814Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-05T15:32:25.591Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "fulcio",
"vendor": "sigstore",
"versions": [
{
"status": "affected",
"version": "\u003c 1.8.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Fulcio is a free-to-use certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.3, function identity.extractIssuerURL splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request with an (invalid) OIDC identity token in the payload containing many period characters, a call to extractIssuerURL incurs allocations to the tune of O(n) bytes (where n stands for the length of the function\u0027s argument), with a constant factor of about 16. This vulnerability is fixed in 1.8.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-405",
"description": "CWE-405: Asymmetric Resource Consumption (Amplification)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-04T22:04:41.637Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
},
{
"name": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
}
],
"source": {
"advisory": "GHSA-f83f-xpx7-ffpw",
"discovery": "UNKNOWN"
},
"title": "Fulcio allocates excessive memory during token parsing"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-66506",
"datePublished": "2025-12-04T22:04:41.637Z",
"dateReserved": "2025-12-03T15:12:22.978Z",
"dateUpdated": "2025-12-05T15:32:25.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-66506",
"date": "2026-07-18",
"epss": "0.00191",
"percentile": "0.08885"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-66506\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-12-04T22:15:49.503\",\"lastModified\":\"2026-06-17T09:56:57.130\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Fulcio is a free-to-use certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.3, function identity.extractIssuerURL splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request with an (invalid) OIDC identity token in the payload containing many period characters, a call to extractIssuerURL incurs allocations to the tune of O(n) bytes (where n stands for the length of the function\u0027s argument), with a constant factor of about 16. This vulnerability is fixed in 1.8.3.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"sigstore\",\"product\":\"fulcio\",\"versions\":[{\"version\":\"\u003c 1.8.3\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2025-12-05T15:32:15.086814Z\",\"id\":\"CVE-2025-66506\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-405\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:fulcio:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.8.3\",\"matchCriteriaId\":\"C4901884-0820-47DE-B4A7-E79A053D360D\"}]}]}],\"references\":[{\"url\":\"https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"redhat_vex": {
"aggregate_severity": "Important",
"current_release_date": "2026-07-18T15:13:49+00:00",
"cve": "CVE-2025-66506",
"id": "CVE-2025-66506",
"initial_release_date": "2025-12-04T22:04:41.637000+00:00",
"product_status:fixed": "320",
"product_status:known_affected": "66",
"product_status:known_not_affected": "1247",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-66506.json",
"version": "3"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-66506\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-05T15:32:15.086814Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-05T15:32:21.138Z\"}}], \"cna\": {\"title\": \"Fulcio allocates excessive memory during token parsing\", \"source\": {\"advisory\": \"GHSA-f83f-xpx7-ffpw\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"sigstore\", \"product\": \"fulcio\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.8.3\"}]}], \"references\": [{\"url\": \"https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw\", \"name\": \"https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a\", \"name\": \"https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Fulcio is a free-to-use certificate authority for issuing code signing certificates for an OpenID Connect (OIDC) identity. Prior to 1.8.3, function identity.extractIssuerURL splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request with an (invalid) OIDC identity token in the payload containing many period characters, a call to extractIssuerURL incurs allocations to the tune of O(n) bytes (where n stands for the length of the function\u0027s argument), with a constant factor of about 16. This vulnerability is fixed in 1.8.3.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-405\", \"description\": \"CWE-405: Asymmetric Resource Consumption (Amplification)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-12-04T22:04:41.637Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-66506\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-05T15:32:25.591Z\", \"dateReserved\": \"2025-12-03T15:12:22.978Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-12-04T22:04:41.637Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:2754
Vulnerability from csaf_redhat - Published: 2026-02-16 15:43 - Updated: 2026-07-18 13:02A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.9.18 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.9.18",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2754",
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-34156",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45337",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-65945",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2754.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.9.18",
"tracking": {
"current_release_date": "2026-07-18T13:02:16+00:00",
"generator": {
"date": "2026-07-18T13:02:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.7"
}
},
"id": "RHSA-2026:2754",
"initial_release_date": "2026-02-16T15:43:51+00:00",
"revision_history": [
{
"date": "2026-02-16T15:43:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-16T17:04:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-18T13:02:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.9",
"product": {
"name": "Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770249996"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770223960"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3A1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770249993"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770230842"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133825"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991332"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770306794"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3A0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991979"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133364"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770856103"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Ac30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770223960"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770230842"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Adbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991332"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Ab3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770306794"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133364"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770856103"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Ae2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770223960"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770230842"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991332"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770306794"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Abb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133364"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770856103"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-52881",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.652000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404715"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "RHBZ#2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/selinux/pull/237",
"url": "https://github.com/opencontainers/selinux/pull/237"
}
],
"release_date": "2025-11-05T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-65945",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-12-04T19:01:14.733682+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "RHBZ#2418904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-65945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65945"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e",
"url": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x",
"url": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x"
}
],
"release_date": "2025-12-04T18:45:37.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2026-24049",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-22T05:00:54.709179+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431959"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "RHBZ#2431959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
}
],
"release_date": "2026-01-22T04:02:08.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
}
]
}
RHSA-2026:2762
Vulnerability from csaf_redhat - Published: 2026-02-16 17:44 - Updated: 2026-07-18 13:02A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 | — |
Workaround
|
A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 | — |
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 | — |
Workaround
|
A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 | — |
Workaround
|
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 | — |
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 | — |
A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 | — |
Workaround
|
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 | — |
Workaround
|
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 | — |
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 | — |
Workaround
|
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 | — |
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 | — |
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.10.18 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.10.18",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2762",
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-34156",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45337",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-65945",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2762.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.10.18",
"tracking": {
"current_release_date": "2026-07-18T13:02:19+00:00",
"generator": {
"date": "2026-07-18T13:02:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.7"
}
},
"id": "RHSA-2026:2762",
"initial_release_date": "2026-02-16T17:44:31+00:00",
"revision_history": [
{
"date": "2026-02-16T17:44:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-16T17:44:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-18T13:02:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.10",
"product": {
"name": "Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.10::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3Af006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770249889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3A27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770249881"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Af7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133631"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Ac5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991805"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Ad8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991340"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133671"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3A363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770993022"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133646"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Ab54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770249183"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133631"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991340"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133671"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133646"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770249183"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Aaab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133631"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991340"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133671"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133646"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Ab46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770249183"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-52881",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.652000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404715"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "RHBZ#2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/selinux/pull/237",
"url": "https://github.com/opencontainers/selinux/pull/237"
}
],
"release_date": "2025-11-05T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-65945",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-12-04T19:01:14.733682+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "RHBZ#2418904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-65945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65945"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e",
"url": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x",
"url": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x"
}
],
"release_date": "2025-12-04T18:45:37.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in urllib3\u0027s streaming API that can lead to excessive resource consumption, including high CPU usage and significant memory allocation. When processing highly compressed data from untrusted sources, even small requested chunks can trigger full decompression, posing a denial-of-service risk to client-side applications utilizing affected urllib3 versions prior to 2.6.0.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-24049",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-22T05:00:54.709179+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431959"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "RHBZ#2431959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
}
],
"release_date": "2026-01-22T04:02:08.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
}
]
}
RHSA-2026:2852
Vulnerability from csaf_redhat - Published: 2026-02-17 23:04 - Updated: 2026-07-18 09:23A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-operator-bundle@sha256:4604d631307390e44fea4729d87470a32f294f380b4c7c9448a8e1a82ccec5b7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:66c78e05a610eb31b8a350502b778305e53da9576ae124a3eb7ab3cc29595297_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:e599c020744224294ed24d028ad1c5f4cca1192d9d487517286a6b7591d80f54_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:1484157970f2cc4470dfec565fb5f81137402bdcd52d63cd40be4b0e9c8ce039_amd64 | — | ||
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:659e7bfe28f0dad419b9559be5a3b9f00ed6871ca3425ae5f1abc478ed7072c8_ppc64le | — | ||
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:7143fa2fba9fb559ef13143cebfa69dbd7cb1f94284a640e5cbdb700e6cf6de0_amd64 | — | ||
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:8baa5bd3ecbbb1708d1270f7f30b707dd381e72b9a4fef554044039d6404771e_ppc64le | — | ||
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:2b2e1b736ad8d69e15ede3f38de2637c695d0819e66d4c9c9df0aa3ebeee9df9_ppc64le | — | ||
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:f7795017bcbace2e5e86ab1e7906d60ddd06c1b7fdd4ce7891eade3d993ec7b8_amd64 | — |
A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-operator-bundle@sha256:4604d631307390e44fea4729d87470a32f294f380b4c7c9448a8e1a82ccec5b7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:66c78e05a610eb31b8a350502b778305e53da9576ae124a3eb7ab3cc29595297_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:e599c020744224294ed24d028ad1c5f4cca1192d9d487517286a6b7591d80f54_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:1484157970f2cc4470dfec565fb5f81137402bdcd52d63cd40be4b0e9c8ce039_amd64 | — | ||
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:659e7bfe28f0dad419b9559be5a3b9f00ed6871ca3425ae5f1abc478ed7072c8_ppc64le | — | ||
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:7143fa2fba9fb559ef13143cebfa69dbd7cb1f94284a640e5cbdb700e6cf6de0_amd64 | — | ||
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:8baa5bd3ecbbb1708d1270f7f30b707dd381e72b9a4fef554044039d6404771e_ppc64le | — | ||
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:2b2e1b736ad8d69e15ede3f38de2637c695d0819e66d4c9c9df0aa3ebeee9df9_ppc64le | — | ||
| Unresolved product id: OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:f7795017bcbace2e5e86ab1e7906d60ddd06c1b7fdd4ce7891eade3d993ec7b8_amd64 | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated OpenShift Security Profiles Operator image that fixes various bugs and adds new\nenhancements is now available for the Red Hat OpenShift Enterprise 4 catalog.",
"title": "Topic"
},
{
"category": "general",
"text": "The Security Profiles Operator v0.10.0 is now available.\nSee the documentation for release information:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/security_and_compliance/security-profiles-operator",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2852",
"url": "https://access.redhat.com/errata/RHSA-2026:2852"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66564",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2852.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Security Profiles Operator bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-07-18T09:23:35+00:00",
"generator": {
"date": "2026-07-18T09:23:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.7"
}
},
"id": "RHSA-2026:2852",
"initial_release_date": "2026-02-17T23:04:21+00:00",
"revision_history": [
{
"date": "2026-02-17T23:04:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-17T23:04:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-18T09:23:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Security Profiles Operator 1",
"product": {
"name": "OpenShift Security Profiles Operator 1",
"product_id": "OpenShift Security Profiles Operator 1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_security_profiles_operator:1::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift Security Profiles Operator"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:1484157970f2cc4470dfec565fb5f81137402bdcd52d63cd40be4b0e9c8ce039_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:1484157970f2cc4470dfec565fb5f81137402bdcd52d63cd40be4b0e9c8ce039_amd64",
"product_id": "registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:1484157970f2cc4470dfec565fb5f81137402bdcd52d63cd40be4b0e9c8ce039_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-selinuxd-rhel10@sha256%3A1484157970f2cc4470dfec565fb5f81137402bdcd52d63cd40be4b0e9c8ce039?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1771365824"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:7143fa2fba9fb559ef13143cebfa69dbd7cb1f94284a640e5cbdb700e6cf6de0_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:7143fa2fba9fb559ef13143cebfa69dbd7cb1f94284a640e5cbdb700e6cf6de0_amd64",
"product_id": "registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:7143fa2fba9fb559ef13143cebfa69dbd7cb1f94284a640e5cbdb700e6cf6de0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-selinuxd-rhel8@sha256%3A7143fa2fba9fb559ef13143cebfa69dbd7cb1f94284a640e5cbdb700e6cf6de0?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1771365778"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:f7795017bcbace2e5e86ab1e7906d60ddd06c1b7fdd4ce7891eade3d993ec7b8_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:f7795017bcbace2e5e86ab1e7906d60ddd06c1b7fdd4ce7891eade3d993ec7b8_amd64",
"product_id": "registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:f7795017bcbace2e5e86ab1e7906d60ddd06c1b7fdd4ce7891eade3d993ec7b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-selinuxd-rhel9@sha256%3Af7795017bcbace2e5e86ab1e7906d60ddd06c1b7fdd4ce7891eade3d993ec7b8?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1771365810"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-security-profiles-operator-bundle@sha256:4604d631307390e44fea4729d87470a32f294f380b4c7c9448a8e1a82ccec5b7_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-security-profiles-operator-bundle@sha256:4604d631307390e44fea4729d87470a32f294f380b4c7c9448a8e1a82ccec5b7_amd64",
"product_id": "registry.redhat.io/compliance/openshift-security-profiles-operator-bundle@sha256:4604d631307390e44fea4729d87470a32f294f380b4c7c9448a8e1a82ccec5b7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-security-profiles-operator-bundle@sha256%3A4604d631307390e44fea4729d87470a32f294f380b4c7c9448a8e1a82ccec5b7?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1771367226"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:e599c020744224294ed24d028ad1c5f4cca1192d9d487517286a6b7591d80f54_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:e599c020744224294ed24d028ad1c5f4cca1192d9d487517286a6b7591d80f54_amd64",
"product_id": "registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:e599c020744224294ed24d028ad1c5f4cca1192d9d487517286a6b7591d80f54_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-security-profiles-rhel8-operator@sha256%3Ae599c020744224294ed24d028ad1c5f4cca1192d9d487517286a6b7591d80f54?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1770869850"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:659e7bfe28f0dad419b9559be5a3b9f00ed6871ca3425ae5f1abc478ed7072c8_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:659e7bfe28f0dad419b9559be5a3b9f00ed6871ca3425ae5f1abc478ed7072c8_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:659e7bfe28f0dad419b9559be5a3b9f00ed6871ca3425ae5f1abc478ed7072c8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-selinuxd-rhel10@sha256%3A659e7bfe28f0dad419b9559be5a3b9f00ed6871ca3425ae5f1abc478ed7072c8?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1771365824"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:8baa5bd3ecbbb1708d1270f7f30b707dd381e72b9a4fef554044039d6404771e_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:8baa5bd3ecbbb1708d1270f7f30b707dd381e72b9a4fef554044039d6404771e_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:8baa5bd3ecbbb1708d1270f7f30b707dd381e72b9a4fef554044039d6404771e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-selinuxd-rhel8@sha256%3A8baa5bd3ecbbb1708d1270f7f30b707dd381e72b9a4fef554044039d6404771e?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1771365778"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:2b2e1b736ad8d69e15ede3f38de2637c695d0819e66d4c9c9df0aa3ebeee9df9_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:2b2e1b736ad8d69e15ede3f38de2637c695d0819e66d4c9c9df0aa3ebeee9df9_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:2b2e1b736ad8d69e15ede3f38de2637c695d0819e66d4c9c9df0aa3ebeee9df9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-selinuxd-rhel9@sha256%3A2b2e1b736ad8d69e15ede3f38de2637c695d0819e66d4c9c9df0aa3ebeee9df9?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1771365810"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:66c78e05a610eb31b8a350502b778305e53da9576ae124a3eb7ab3cc29595297_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:66c78e05a610eb31b8a350502b778305e53da9576ae124a3eb7ab3cc29595297_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:66c78e05a610eb31b8a350502b778305e53da9576ae124a3eb7ab3cc29595297_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-security-profiles-rhel8-operator@sha256%3A66c78e05a610eb31b8a350502b778305e53da9576ae124a3eb7ab3cc29595297?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1770869850"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-security-profiles-operator-bundle@sha256:4604d631307390e44fea4729d87470a32f294f380b4c7c9448a8e1a82ccec5b7_amd64 as a component of OpenShift Security Profiles Operator 1",
"product_id": "OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-operator-bundle@sha256:4604d631307390e44fea4729d87470a32f294f380b4c7c9448a8e1a82ccec5b7_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-security-profiles-operator-bundle@sha256:4604d631307390e44fea4729d87470a32f294f380b4c7c9448a8e1a82ccec5b7_amd64",
"relates_to_product_reference": "OpenShift Security Profiles Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:66c78e05a610eb31b8a350502b778305e53da9576ae124a3eb7ab3cc29595297_ppc64le as a component of OpenShift Security Profiles Operator 1",
"product_id": "OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:66c78e05a610eb31b8a350502b778305e53da9576ae124a3eb7ab3cc29595297_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:66c78e05a610eb31b8a350502b778305e53da9576ae124a3eb7ab3cc29595297_ppc64le",
"relates_to_product_reference": "OpenShift Security Profiles Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:e599c020744224294ed24d028ad1c5f4cca1192d9d487517286a6b7591d80f54_amd64 as a component of OpenShift Security Profiles Operator 1",
"product_id": "OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:e599c020744224294ed24d028ad1c5f4cca1192d9d487517286a6b7591d80f54_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:e599c020744224294ed24d028ad1c5f4cca1192d9d487517286a6b7591d80f54_amd64",
"relates_to_product_reference": "OpenShift Security Profiles Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:1484157970f2cc4470dfec565fb5f81137402bdcd52d63cd40be4b0e9c8ce039_amd64 as a component of OpenShift Security Profiles Operator 1",
"product_id": "OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:1484157970f2cc4470dfec565fb5f81137402bdcd52d63cd40be4b0e9c8ce039_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:1484157970f2cc4470dfec565fb5f81137402bdcd52d63cd40be4b0e9c8ce039_amd64",
"relates_to_product_reference": "OpenShift Security Profiles Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:659e7bfe28f0dad419b9559be5a3b9f00ed6871ca3425ae5f1abc478ed7072c8_ppc64le as a component of OpenShift Security Profiles Operator 1",
"product_id": "OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:659e7bfe28f0dad419b9559be5a3b9f00ed6871ca3425ae5f1abc478ed7072c8_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:659e7bfe28f0dad419b9559be5a3b9f00ed6871ca3425ae5f1abc478ed7072c8_ppc64le",
"relates_to_product_reference": "OpenShift Security Profiles Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:7143fa2fba9fb559ef13143cebfa69dbd7cb1f94284a640e5cbdb700e6cf6de0_amd64 as a component of OpenShift Security Profiles Operator 1",
"product_id": "OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:7143fa2fba9fb559ef13143cebfa69dbd7cb1f94284a640e5cbdb700e6cf6de0_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:7143fa2fba9fb559ef13143cebfa69dbd7cb1f94284a640e5cbdb700e6cf6de0_amd64",
"relates_to_product_reference": "OpenShift Security Profiles Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:8baa5bd3ecbbb1708d1270f7f30b707dd381e72b9a4fef554044039d6404771e_ppc64le as a component of OpenShift Security Profiles Operator 1",
"product_id": "OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:8baa5bd3ecbbb1708d1270f7f30b707dd381e72b9a4fef554044039d6404771e_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:8baa5bd3ecbbb1708d1270f7f30b707dd381e72b9a4fef554044039d6404771e_ppc64le",
"relates_to_product_reference": "OpenShift Security Profiles Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:2b2e1b736ad8d69e15ede3f38de2637c695d0819e66d4c9c9df0aa3ebeee9df9_ppc64le as a component of OpenShift Security Profiles Operator 1",
"product_id": "OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:2b2e1b736ad8d69e15ede3f38de2637c695d0819e66d4c9c9df0aa3ebeee9df9_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:2b2e1b736ad8d69e15ede3f38de2637c695d0819e66d4c9c9df0aa3ebeee9df9_ppc64le",
"relates_to_product_reference": "OpenShift Security Profiles Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:f7795017bcbace2e5e86ab1e7906d60ddd06c1b7fdd4ce7891eade3d993ec7b8_amd64 as a component of OpenShift Security Profiles Operator 1",
"product_id": "OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:f7795017bcbace2e5e86ab1e7906d60ddd06c1b7fdd4ce7891eade3d993ec7b8_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:f7795017bcbace2e5e86ab1e7906d60ddd06c1b7fdd4ce7891eade3d993ec7b8_amd64",
"relates_to_product_reference": "OpenShift Security Profiles Operator 1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:1484157970f2cc4470dfec565fb5f81137402bdcd52d63cd40be4b0e9c8ce039_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:659e7bfe28f0dad419b9559be5a3b9f00ed6871ca3425ae5f1abc478ed7072c8_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:7143fa2fba9fb559ef13143cebfa69dbd7cb1f94284a640e5cbdb700e6cf6de0_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:8baa5bd3ecbbb1708d1270f7f30b707dd381e72b9a4fef554044039d6404771e_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:2b2e1b736ad8d69e15ede3f38de2637c695d0819e66d4c9c9df0aa3ebeee9df9_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:f7795017bcbace2e5e86ab1e7906d60ddd06c1b7fdd4ce7891eade3d993ec7b8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-operator-bundle@sha256:4604d631307390e44fea4729d87470a32f294f380b4c7c9448a8e1a82ccec5b7_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:66c78e05a610eb31b8a350502b778305e53da9576ae124a3eb7ab3cc29595297_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:e599c020744224294ed24d028ad1c5f4cca1192d9d487517286a6b7591d80f54_amd64"
],
"known_not_affected": [
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:1484157970f2cc4470dfec565fb5f81137402bdcd52d63cd40be4b0e9c8ce039_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:659e7bfe28f0dad419b9559be5a3b9f00ed6871ca3425ae5f1abc478ed7072c8_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:7143fa2fba9fb559ef13143cebfa69dbd7cb1f94284a640e5cbdb700e6cf6de0_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:8baa5bd3ecbbb1708d1270f7f30b707dd381e72b9a4fef554044039d6404771e_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:2b2e1b736ad8d69e15ede3f38de2637c695d0819e66d4c9c9df0aa3ebeee9df9_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:f7795017bcbace2e5e86ab1e7906d60ddd06c1b7fdd4ce7891eade3d993ec7b8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-17T23:04:21+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-operator-bundle@sha256:4604d631307390e44fea4729d87470a32f294f380b4c7c9448a8e1a82ccec5b7_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:66c78e05a610eb31b8a350502b778305e53da9576ae124a3eb7ab3cc29595297_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:e599c020744224294ed24d028ad1c5f4cca1192d9d487517286a6b7591d80f54_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2852"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-operator-bundle@sha256:4604d631307390e44fea4729d87470a32f294f380b4c7c9448a8e1a82ccec5b7_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:66c78e05a610eb31b8a350502b778305e53da9576ae124a3eb7ab3cc29595297_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:e599c020744224294ed24d028ad1c5f4cca1192d9d487517286a6b7591d80f54_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:1484157970f2cc4470dfec565fb5f81137402bdcd52d63cd40be4b0e9c8ce039_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:659e7bfe28f0dad419b9559be5a3b9f00ed6871ca3425ae5f1abc478ed7072c8_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:7143fa2fba9fb559ef13143cebfa69dbd7cb1f94284a640e5cbdb700e6cf6de0_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:8baa5bd3ecbbb1708d1270f7f30b707dd381e72b9a4fef554044039d6404771e_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:2b2e1b736ad8d69e15ede3f38de2637c695d0819e66d4c9c9df0aa3ebeee9df9_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:f7795017bcbace2e5e86ab1e7906d60ddd06c1b7fdd4ce7891eade3d993ec7b8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2025-66564",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:11.786030+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:1484157970f2cc4470dfec565fb5f81137402bdcd52d63cd40be4b0e9c8ce039_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:659e7bfe28f0dad419b9559be5a3b9f00ed6871ca3425ae5f1abc478ed7072c8_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:7143fa2fba9fb559ef13143cebfa69dbd7cb1f94284a640e5cbdb700e6cf6de0_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:8baa5bd3ecbbb1708d1270f7f30b707dd381e72b9a4fef554044039d6404771e_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:2b2e1b736ad8d69e15ede3f38de2637c695d0819e66d4c9c9df0aa3ebeee9df9_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:f7795017bcbace2e5e86ab1e7906d60ddd06c1b7fdd4ce7891eade3d993ec7b8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The Sigstore Timestamp Authority, a service for issuing RFC 3161 timestamps, is prone to excessive memory allocation. This occurs when processing untrusted OID payloads with many period characters or malformed Content-Type headers. An unauthenticated attacker could exploit this flaw to trigger a denial of service in affected Red Hat products that utilize this component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-operator-bundle@sha256:4604d631307390e44fea4729d87470a32f294f380b4c7c9448a8e1a82ccec5b7_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:66c78e05a610eb31b8a350502b778305e53da9576ae124a3eb7ab3cc29595297_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:e599c020744224294ed24d028ad1c5f4cca1192d9d487517286a6b7591d80f54_amd64"
],
"known_not_affected": [
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:1484157970f2cc4470dfec565fb5f81137402bdcd52d63cd40be4b0e9c8ce039_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:659e7bfe28f0dad419b9559be5a3b9f00ed6871ca3425ae5f1abc478ed7072c8_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:7143fa2fba9fb559ef13143cebfa69dbd7cb1f94284a640e5cbdb700e6cf6de0_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:8baa5bd3ecbbb1708d1270f7f30b707dd381e72b9a4fef554044039d6404771e_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:2b2e1b736ad8d69e15ede3f38de2637c695d0819e66d4c9c9df0aa3ebeee9df9_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:f7795017bcbace2e5e86ab1e7906d60ddd06c1b7fdd4ce7891eade3d993ec7b8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "RHBZ#2419054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66564",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421",
"url": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh",
"url": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh"
}
],
"release_date": "2025-12-04T22:37:13.307000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-17T23:04:21+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-operator-bundle@sha256:4604d631307390e44fea4729d87470a32f294f380b4c7c9448a8e1a82ccec5b7_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:66c78e05a610eb31b8a350502b778305e53da9576ae124a3eb7ab3cc29595297_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:e599c020744224294ed24d028ad1c5f4cca1192d9d487517286a6b7591d80f54_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2852"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-operator-bundle@sha256:4604d631307390e44fea4729d87470a32f294f380b4c7c9448a8e1a82ccec5b7_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:66c78e05a610eb31b8a350502b778305e53da9576ae124a3eb7ab3cc29595297_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-security-profiles-rhel8-operator@sha256:e599c020744224294ed24d028ad1c5f4cca1192d9d487517286a6b7591d80f54_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:1484157970f2cc4470dfec565fb5f81137402bdcd52d63cd40be4b0e9c8ce039_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel10@sha256:659e7bfe28f0dad419b9559be5a3b9f00ed6871ca3425ae5f1abc478ed7072c8_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:7143fa2fba9fb559ef13143cebfa69dbd7cb1f94284a640e5cbdb700e6cf6de0_amd64",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel8@sha256:8baa5bd3ecbbb1708d1270f7f30b707dd381e72b9a4fef554044039d6404771e_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:2b2e1b736ad8d69e15ede3f38de2637c695d0819e66d4c9c9df0aa3ebeee9df9_ppc64le",
"OpenShift Security Profiles Operator 1:registry.redhat.io/compliance/openshift-selinuxd-rhel9@sha256:f7795017bcbace2e5e86ab1e7906d60ddd06c1b7fdd4ce7891eade3d993ec7b8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing"
}
]
}
RHSA-2026:2900
Vulnerability from csaf_redhat - Published: 2026-02-18 08:39 - Updated: 2026-07-18 13:02A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 | — |
Workaround
|
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 | — |
Workaround
|
A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 | — |
Workaround
|
A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 | — |
Workaround
|
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 | — |
Workaround
|
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 | — |
Workaround
|
A flaw was found in containerd. This vulnerability allows a user to exhaust memory on the host due to goroutine leaks via a bug in the CRI (Container Runtime Interface) Attach implementation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 | — |
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 | — |
Workaround
|
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 | — |
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 | — |
Workaround
|
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 | — |
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le | — | ||
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 | — |
A flaw was found in the node-tar library. This vulnerability allows an attacker to craft malicious archives that, when extracted, can bypass intended security restrictions. This leads to arbitrary file overwrite and symlink poisoning, potentially allowing unauthorized modification of files on the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 | — |
Workaround
|
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 | — |
Workaround
|
A flaw was found in node-tar, a Node.js module for handling TAR archives. This vulnerability allows a remote attacker to bypass path traversal protections by crafting a malicious TAR archive. The security check for hardlink entries uses different path resolution logic than the actual hardlink creation, enabling the attacker to create hardlinks to arbitrary files outside the intended extraction directory. This could lead to unauthorized information disclosure or further system compromise.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le | — |
Workaround
|
|
| Unresolved product id: Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Network Observability 1.11 for Red Hat OpenShift.",
"title": "Topic"
},
{
"category": "general",
"text": "Network flows collector and monitoring solution.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2900",
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-25621",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13465",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58183",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-64329",
"url": "https://access.redhat.com/security/cve/CVE-2025-64329"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-23745",
"url": "https://access.redhat.com/security/cve/CVE-2026-23745"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24842",
"url": "https://access.redhat.com/security/cve/CVE-2026-24842"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/latest/observability/network_observability/network-observability-operator-release-notes.html",
"url": "https://docs.openshift.com/container-platform/latest/observability/network_observability/network-observability-operator-release-notes.html"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2900.json"
}
],
"title": "Red Hat Security Advisory: Network Observability 1.11.0 for OpenShift",
"tracking": {
"current_release_date": "2026-07-18T13:02:26+00:00",
"generator": {
"date": "2026-07-18T13:02:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.7"
}
},
"id": "RHSA-2026:2900",
"initial_release_date": "2026-02-18T08:39:41+00:00",
"revision_history": [
{
"date": "2026-02-18T08:39:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-18T08:39:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-18T13:02:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Network Observability (NETOBSERV) 1.11.2",
"product": {
"name": "Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_observ_optr:1.11::el9"
}
}
}
],
"category": "product_family",
"name": "Network Observability (NETOBSERV)"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256%3A9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771229282"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256%3A0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226629"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256%3Aa852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226060"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-compat-rhel9@sha256%3Aa9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227610"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256%3A4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256%3A6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771231259"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"product_id": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256%3A5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209?arch=amd64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771230433"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256%3Ac2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771229282"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256%3Ae72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226629"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256%3A0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226060"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-compat-rhel9@sha256%3A17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227610"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256%3A77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64",
"product_id": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256%3Acfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c?arch=arm64\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771230433"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256%3A84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771229282"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256%3Af85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226629"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256%3A472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226060"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-compat-rhel9@sha256%3A7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227610"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256%3A3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"product_id": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256%3A9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771230433"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256%3A8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771229282"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256%3A619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226629"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256%3A9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771226060"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-compat-rhel9@sha256%3A325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227610"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256%3Abb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771227650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"product": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"product_id": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256%3A3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f?arch=s390x\u0026repository_url=registry.redhat.io/network-observability\u0026tag=1771230433"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64 as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64 as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64 as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64 as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64 as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64 as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64 as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64 as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64 as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64 as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64 as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64 as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64 as a component of Network Observability (NETOBSERV) 1.11.2",
"product_id": "Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
},
"product_reference": "registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64",
"relates_to_product_reference": "Network Observability (NETOBSERV) 1.11.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2025-11-06T19:01:04.402278+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413190"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "RHBZ#2413190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
}
],
"release_date": "2025-11-06T18:36:21.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "The system administrator on the host can manually chmod the directories to not\nhave group or world accessible permissions:\n```\nchmod 700 /var/lib/containerd\nchmod 700 /run/containerd/io.containerd.grpc.v1.cri\nchmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim\n```\nAn alternative mitigation would be to run containerd in rootless mode.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd local privilege escalation"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-13465",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2026-01-21T20:01:28.774829+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: prototype pollution in _.unset and _.omit functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable by applications using the _.unset and _.omit functions on an object and allowing user input to determine the path of the property to be removed. This issue only allows the deletion of properties but does not allow overwriting their behavior, limiting the impact to a denial of service. Due to this reason, this vulnerability has been rated with an important severity.\n\nIn Grafana, JavaScript code runs only in the browser, while the server side is all Golang. Therefore, the worst-case scenario is a loss of functionality in the client application inside the browser. To reflect this, the CVSS availability metric and the severity of the Grafana and the Grafana-PCP component have been updated to low and moderate, respectively.\n\nThe lodash dependency is bundled and used by the pcs-web-ui component of the PCS package. In Red Hat Enterprise Linux 8.10, the pcs-web-ui component is no longer included in the PCS package. As a result, RHEL 8.10 does not ship the vulnerable lodash component within PCS and is therefore not-affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "RHBZ#2431740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg",
"url": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg"
}
],
"release_date": "2026-01-21T19:05:28.846000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: prototype pollution in _.unset and _.omit functions"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-52881",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.652000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404715"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "RHBZ#2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/selinux/pull/237",
"url": "https://github.com/opencontainers/selinux/pull/237"
}
],
"release_date": "2025-11-05T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
},
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-64329",
"cwe": {
"id": "CWE-771",
"name": "Missing Reference to Active Allocated Resource"
},
"discovery_date": "2025-11-07T05:01:08.634160+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413299"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in containerd. This vulnerability allows a user to exhaust memory on the host due to goroutine leaks via a bug in the CRI (Container Runtime Interface) Attach implementation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd: Memory exhaustion via CRI Attach implementation goroutine leaks",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The highest threat of this vulnerability is to system availability. A flaw in containerd\u0027s CRI Attach implementation allows a user to exhaust memory on the host due to goroutine leaks, leading to a denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-64329"
},
{
"category": "external",
"summary": "RHBZ#2413299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413299"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-64329",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64329"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64329",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64329"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/083b53cd6f19b5de7717b0ce92c11bdf95e612df",
"url": "https://github.com/containerd/containerd/commit/083b53cd6f19b5de7717b0ce92c11bdf95e612df"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-m6hq-p25p-ffr2",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-m6hq-p25p-ffr2"
}
],
"release_date": "2025-11-07T04:15:09.381000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/containerd/containerd: containerd: Memory exhaustion via CRI Attach implementation goroutine leaks"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in urllib3\u0027s streaming API that can lead to excessive resource consumption, including high CPU usage and significant memory allocation. When processing highly compressed data from untrusted sources, even small requested chunks can trigger full decompression, posing a denial-of-service risk to client-side applications utilizing affected urllib3 versions prior to 2.6.0.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-23745",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-16T23:01:26.508727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430538"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the node-tar library. This vulnerability allows an attacker to craft malicious archives that, when extracted, can bypass intended security restrictions. This leads to arbitrary file overwrite and symlink poisoning, potentially allowing unauthorized modification of files on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the node-tar library. The flaw allows an attacker to perform arbitrary file overwrite and symlink poisoning by crafting malicious tar archives. This occurs due to insufficient path sanitization of hardlink and symbolic link entries, even when the default secure behavior (preservePaths is false) is enabled.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23745"
},
{
"category": "external",
"summary": "RHBZ#2430538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430538"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23745",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23745"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23745",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23745"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-tar/commit/340eb285b6d986e91969a1170d7fe9b0face405e",
"url": "https://github.com/isaacs/node-tar/commit/340eb285b6d986e91969a1170d7fe9b0face405e"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-tar/security/advisories/GHSA-8qq5-rm4j-mr97",
"url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-8qq5-rm4j-mr97"
}
],
"release_date": "2026-01-16T22:00:08.769000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives"
},
{
"cve": "CVE-2026-24049",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-22T05:00:54.709179+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431959"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "RHBZ#2431959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
}
],
"release_date": "2026-01-22T04:02:08.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
},
{
"cve": "CVE-2026-24842",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2026-01-28T01:01:16.886629+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433645"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-tar, a Node.js module for handling TAR archives. This vulnerability allows a remote attacker to bypass path traversal protections by crafting a malicious TAR archive. The security check for hardlink entries uses different path resolution logic than the actual hardlink creation, enabling the attacker to create hardlinks to arbitrary files outside the intended extraction directory. This could lead to unauthorized information disclosure or further system compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an IMPORTANT vulnerability in node-tar, a Node.js module for handling TAR archives. The flaw allows an attacker to bypass path traversal protections by crafting a malicious TAR archive. This could lead to the creation of hardlinks to arbitrary files outside the intended extraction directory, potentially resulting in unauthorized information disclosure or further system compromise in affected Red Hat products utilizing node-tar for archive processing.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"known_not_affected": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24842"
},
{
"category": "external",
"summary": "RHBZ#2433645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24842",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24842"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24842",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24842"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-tar/commit/f4a7aa9bc3d717c987fdf1480ff7a64e87ffdb46",
"url": "https://github.com/isaacs/node-tar/commit/f4a7aa9bc3d717c987fdf1480ff7a64e87ffdb46"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-tar/security/advisories/GHSA-34x7-hfp2-rc4v",
"url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-34x7-hfp2-rc4v"
}
],
"release_date": "2026-01-28T00:20:13.261000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T08:39:41+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2900"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:0c677aebfafea3f13c298396e9975da6fb392df0cef1b62df54d66b0f08376a3_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:472aaa4cabacdc52ecd2cd9d25710027612cc1c92a4a2685bf5321507028ec0d_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:9266caf90f473509cbd104e1d00b57a4695f16cf4e0be53819560821e0236461_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-cli-rhel9@sha256:a852fe93a3de2a35b3f13cfa0ea0600f9518d4b97c123353eb2b4f78202e7967_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:17be6b67f5ed6757b65df0d59dc5d59130ee2e3510c60453de77fadfd7ca3c16_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:325db5ee476d5467e24748b6a66def44ff06e91e7e0665f43a49d7df9dbc9870_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:7ed8059b6fb8ccc57c6c6aca6c826e4b45db3079cdf6d2854dec467a94fe46ab_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-compat-rhel9@sha256:a9d0f02ab4310c5a2b2026f424a07d35bcd2ab74e5f9fabba10a2514bef29545_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:3f4b1539a41af46e0dcc3ee1e06d760b504448190cf1f5963171e504cbcb82e2_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:4cb55d496e82d09f2a9f57f1b676d24134b1e4f817e10d4535581d4cb2728502_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:77695f611b1122150c84ee648c674037c488007684d8644a5fc420e111e447b1_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-console-plugin-rhel9@sha256:bb0f0e05c7bb037cd07c260a8fcea50fb62cc433d8cd504c4bb065f994c359c6_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:0d23eb03050bcf371d44613a679456222b064cd3a6c17ea9a3c34f1ac7e3cbfc_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:619759fd4607dbb26e8ef0d47f50f8ec24323f0766167e4df15c51d6c31b9be7_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:e72278e61f7300880988fbac4e4e728e7f2ad14c3061ac39ece0d59a3cd5e228_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9@sha256:f85ae8937c0d75a29dfe601110e5b358f8d92bb85bb43fff9bc88667ad43e4dc_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:84a41b297f620c777236b298ee3dca1656916757cfb043f96c035656f8b9c353_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8b660cd90abfe68d05668562155759079e7012448c142234ea3a37e6ee41436d_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:9e495db6e28bb6e38b263557d303081ed3199039dc1e7d18c704be8b64d8dd18_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:c2a7793ccbaf491a6018f3dd63b10f29e205441d1dd7ca9184b1b46f6db4b199_arm64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-operator-bundle@sha256:6cc2706d0f934502e78d4f4585e0787a84e6751ff946568c21dbe7a87df699df_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:3180d33b433733fc469a0a8b2bf613f137eba10fd75f8bc586066d4d303a3a5f_s390x",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:5938d399221a1f7ad395ea18adf0fd5274e009f1de48114bc4d07968566b7209_amd64",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:9b5e5c68ff2fdd5ca27e34e8eda5d0e8a230eea65cdfa768a6f6643c1a35da76_ppc64le",
"Network Observability (NETOBSERV) 1.11.2:registry.redhat.io/network-observability/network-observability-rhel9-operator@sha256:cfa8bd4f51b690217a305347ac412ee4efed2bdea695fa99f8f771c4f271b59c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check"
}
]
}
RHSA-2026:2922
Vulnerability from csaf_redhat - Published: 2026-02-18 12:26 - Updated: 2026-07-18 09:16A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic("unreachable") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64 | — |
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64 | — |
A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64 | — |
Workaround
|
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64 | — |
A flaw was found in Fulcio, a certificate authority for issuing code signing certificates. A remote attacker could exploit this by bypassing MetaIssuer URL validation due to unanchored regular expressions (regex) in the `metaRegex()` function. This vulnerability could lead to Server-Side Request Forgery (SSRF), allowing the attacker to probe internal network services. While the flaw only permits GET requests, preventing state changes or data exfiltration, it still poses a risk for internal network reconnaissance.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The 1.2.2 release of Red Hat Trusted Artifact Signer OpenShift Operator.\nFor more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2",
"title": "Topic"
},
{
"category": "general",
"text": "The RHTAS Operator can be used with OpenShift Container Platform 4.15, 4.16, 4.17, 4.18 and 4.19",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2922",
"url": "https://access.redhat.com/errata/RHSA-2026:2922"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47913",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-65945",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22772",
"url": "https://access.redhat.com/security/cve/CVE-2026-22772"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2922.json"
}
],
"title": "Red Hat Security Advisory: RHTAS 1.2.2 - Red Hat Trusted Artifact Signer Release",
"tracking": {
"current_release_date": "2026-07-18T09:16:47+00:00",
"generator": {
"date": "2026-07-18T09:16:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.7"
}
},
"id": "RHSA-2026:2922",
"initial_release_date": "2026-02-18T12:26:00+00:00",
"revision_history": [
{
"date": "2026-02-18T12:26:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-18T12:26:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-18T09:16:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Trusted Artifact Signer 1.2",
"product": {
"name": "Red Hat Trusted Artifact Signer 1.2",
"product_id": "Red Hat Trusted Artifact Signer 1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:trusted_artifact_signer:1.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Trusted Artifact Signer"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"product": {
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"product_id": "registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cosign-rhel9@sha256%3A8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1770733887"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"product": {
"name": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"product_id": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fetch-tsa-certs-rhel9@sha256%3Ae001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1770737394"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"product": {
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"product_id": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitsign-rhel9@sha256%3A4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1770734283"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"product": {
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"product_id": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rekor-cli-rhel9@sha256%3A6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1770738512"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64",
"product": {
"name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64",
"product_id": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64",
"product_identification_helper": {
"purl": "pkg:oci/updatetree-rhel9@sha256%3Acfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1770734118"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64 as a component of Red Hat Trusted Artifact Signer 1.2",
"product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64"
},
"product_reference": "registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64 as a component of Red Hat Trusted Artifact Signer 1.2",
"product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64"
},
"product_reference": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64 as a component of Red Hat Trusted Artifact Signer 1.2",
"product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64"
},
"product_reference": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64 as a component of Red Hat Trusted Artifact Signer 1.2",
"product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64"
},
"product_reference": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64 as a component of Red Hat Trusted Artifact Signer 1.2",
"product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
},
"product_reference": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47913",
"discovery_date": "2025-11-13T22:01:26.092452+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2414943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic(\"unreachable\") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was marked as Important because it allows any malicious or misbehaving SSH agent to force a crash in the client process using a single valid protocol byte. The panic occurs before the client has a chance to validate message structure or recover, which means an attacker controlling\u2014or intercepting\u2014SSH agent traffic can reliably terminate processes that rely on agent interactions. In environments where SSH agents operate over forwarded sockets, shared workspaces, or CI/CD runners, this turns into a reliable, unauthenticated remote denial of service against critical automation or developer tooling. The flaw also stems from unsafe assumptions in the unmarshalling logic, where unexpected but protocol-legal message types drop into \u201cunreachable\u201d code paths instead of being handled gracefully\u2014making it a design-level reliability break rather than a simple error-handling bug. For this reason, it is rated as an important availability-impacting vulnerability rather than a moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "RHBZ#2414943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-hcg3-q754-cr77",
"url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
},
{
"category": "external",
"summary": "https://go.dev/cl/700295",
"url": "https://go.dev/cl/700295"
},
{
"category": "external",
"summary": "https://go.dev/issue/75178",
"url": "https://go.dev/issue/75178"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4116",
"url": "https://pkg.go.dev/vuln/GO-2025-4116"
}
],
"release_date": "2025-11-13T21:29:39.907000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T12:26:00+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2922"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T12:26:00+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2922"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-65945",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-12-04T19:01:14.733682+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "RHBZ#2418904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-65945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65945"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e",
"url": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x",
"url": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x"
}
],
"release_date": "2025-12-04T18:45:37.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T12:26:00+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2922"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T12:26:00+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2922"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2026-22772",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-01-12T22:01:21.336171+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428808"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a certificate authority for issuing code signing certificates. A remote attacker could exploit this by bypassing MetaIssuer URL validation due to unanchored regular expressions (regex) in the `metaRegex()` function. This vulnerability could lead to Server-Side Request Forgery (SSRF), allowing the attacker to probe internal network services. While the flaw only permits GET requests, preventing state changes or data exfiltration, it still poses a risk for internal network reconnaissance.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fulcio: Fulcio: Server-Side Request Forgery (SSRF) via unanchored regex in MetaIssuer URL validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat products. A flaw in Fulcio\u0027s URL validation allows attackers to bypass security checks, leading to Server-Side Request Forgery (SSRF). This could enable internal network reconnaissance within affected Red Hat OpenShift and Ansible Automation Platform deployments, though it does not permit state changes or data exfiltration.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22772"
},
{
"category": "external",
"summary": "RHBZ#2428808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428808"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22772",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22772"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/eaae2f2be56df9dea5f9b439ec81bedae4c0978d",
"url": "https://github.com/sigstore/fulcio/commit/eaae2f2be56df9dea5f9b439ec81bedae4c0978d"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-59jp-pj84-45mr",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-59jp-pj84-45mr"
}
],
"release_date": "2026-01-12T20:58:53.659000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T12:26:00+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2922"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/cosign-rhel9@sha256:8efb2c8f77e91d7a15063ddc6f7eca1226a494f0f9340590af6e3a2eb9c462c3_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:e001128c079f0355e88161c08f092d0d5b0d2f984fdb672002d4bcddf9585cd5_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4c59990381ce313cd845257e95fd2e910b3d84459c5b3c3aa09fce954a328101_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:6dc1b8af2586c0b7dc2786ed075f3e387943bed78818e02c7bd38f0ac1cace0b_amd64",
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/updatetree-rhel9@sha256:cfba6d424b5e45362bb4e61d9b05bb49a24beb56a3c5ddc3aebdd2e0647179de_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fulcio: Fulcio: Server-Side Request Forgery (SSRF) via unanchored regex in MetaIssuer URL validation"
}
]
}
RHSA-2026:2924
Vulnerability from csaf_redhat - Published: 2026-02-18 12:35 - Updated: 2026-07-18 13:02A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64 | — |
Vendor Fix
fix
|
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64 | — |
Vendor Fix
fix
|
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64 | — |
Vendor Fix
fix
|
A flaw was found in Fulcio, a certificate authority for issuing code signing certificates. A remote attacker could exploit this by bypassing MetaIssuer URL validation due to unanchored regular expressions (regex) in the `metaRegex()` function. This vulnerability could lead to Server-Side Request Forgery (SSRF), allowing the attacker to probe internal network services. While the flaw only permits GET requests, preventing state changes or data exfiltration, it still poses a risk for internal network reconnaissance.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The 1.2.2 release of Red Hat Trusted Artifact Signer OpenShift Operator.\nFor more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2",
"title": "Topic"
},
{
"category": "general",
"text": "The RHTAS Operator can be used with OpenShift Container Platform 4.15, 4.16, 4.17, 4.18 and 4.19",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2924",
"url": "https://access.redhat.com/errata/RHSA-2026:2924"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22772",
"url": "https://access.redhat.com/security/cve/CVE-2026-22772"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2924.json"
}
],
"title": "Red Hat Security Advisory: RHTAS 1.2.2 - Red Hat Trusted Artifact Signer Release",
"tracking": {
"current_release_date": "2026-07-18T13:02:29+00:00",
"generator": {
"date": "2026-07-18T13:02:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.7"
}
},
"id": "RHSA-2026:2924",
"initial_release_date": "2026-02-18T12:35:32+00:00",
"revision_history": [
{
"date": "2026-02-18T12:35:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-18T12:35:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-18T13:02:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Trusted Artifact Signer 1.2",
"product": {
"name": "Red Hat Trusted Artifact Signer 1.2",
"product_id": "Red Hat Trusted Artifact Signer 1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:trusted_artifact_signer:1.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Trusted Artifact Signer"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64",
"product": {
"name": "registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64",
"product_id": "registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64",
"product_identification_helper": {
"purl": "pkg:oci/client-server-rhel9@sha256%3A47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49?arch=amd64\u0026repository_url=registry.redhat.io/rhtas\u0026tag=1770789792"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64 as a component of Red Hat Trusted Artifact Signer 1.2",
"product_id": "Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
},
"product_reference": "registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T12:35:32+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2924"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in urllib3\u0027s streaming API that can lead to excessive resource consumption, including high CPU usage and significant memory allocation. When processing highly compressed data from untrusted sources, even small requested chunks can trigger full decompression, posing a denial-of-service risk to client-side applications utilizing affected urllib3 versions prior to 2.6.0.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T12:35:32+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2924"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T12:35:32+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2924"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T12:35:32+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2924"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-22772",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-01-12T22:01:21.336171+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428808"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a certificate authority for issuing code signing certificates. A remote attacker could exploit this by bypassing MetaIssuer URL validation due to unanchored regular expressions (regex) in the `metaRegex()` function. This vulnerability could lead to Server-Side Request Forgery (SSRF), allowing the attacker to probe internal network services. While the flaw only permits GET requests, preventing state changes or data exfiltration, it still poses a risk for internal network reconnaissance.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fulcio: Fulcio: Server-Side Request Forgery (SSRF) via unanchored regex in MetaIssuer URL validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat products. A flaw in Fulcio\u0027s URL validation allows attackers to bypass security checks, leading to Server-Side Request Forgery (SSRF). This could enable internal network reconnaissance within affected Red Hat OpenShift and Ansible Automation Platform deployments, though it does not permit state changes or data exfiltration.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22772"
},
{
"category": "external",
"summary": "RHBZ#2428808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428808"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22772",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22772"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/eaae2f2be56df9dea5f9b439ec81bedae4c0978d",
"url": "https://github.com/sigstore/fulcio/commit/eaae2f2be56df9dea5f9b439ec81bedae4c0978d"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-59jp-pj84-45mr",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-59jp-pj84-45mr"
}
],
"release_date": "2026-01-12T20:58:53.659000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-18T12:35:32+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.2/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2924"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.2:registry.redhat.io/rhtas/client-server-rhel9@sha256:47071a0613d6d262110af4ce6703ce99db72c7ab58e3a6051b82f3098b372a49_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fulcio: Fulcio: Server-Side Request Forgery (SSRF) via unanchored regex in MetaIssuer URL validation"
}
]
}
RHSA-2026:3461
Vulnerability from csaf_redhat - Published: 2026-02-27 14:54 - Updated: 2026-07-18 13:02A flaw was found in ray. The job submission API allows a remote attacker to execute arbitrary code due to insufficient input validation. An unauthenticated attacker can trigger this vulnerability by sending a malicious job submission request. Successful exploitation results in arbitrary code execution on the affected Ray cluster.
CWE-918 - Server-Side Request Forgery (SSRF)| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
|
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
|
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
|
A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.
CWE-1188 - Initialization of a Resource with an Insecure Default| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
|
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in libtiff. The `get_histogram` function in `file/tiffmedian.c` exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM’s API token authentication logic, where token comparisons were not performed in constant time. This weakness could allow an attacker to exploit timing differences to guess valid tokens and bypass authentication.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the server implementation of vLLM, where the handling of Jinja templates does not properly validate user-supplied input through the chat_template and chat_template_kwargs parameters. When a specially crafted template is processed, it can trigger excessive looping or recursion inside the Jinja engine, consuming large amounts of CPU and memory. This can cause the server to become unresponsive or crash, resulting in a denial-of-service (DoS) condition for applications using vLLM.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A denial-of-service vulnerability in vLLM allows an attacker with API access to crash the engine by submitting multimodal embedding tensors that have the correct number of dimensions but an invalid internal shape. Because vLLM validates only the tensor’s ndim and not the full expected shape, malformed embeddings trigger shape mismatches or validation failures during processing, causing the inference engine to terminate.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability in vLLM allows an authenticated user to trigger unintended tokenization during chat template processing by supplying crafted chat_template_kwargs to the /v1/chat/completions or /tokenize endpoints. By forcing the server to tokenize very large inputs, an attacker can block the API server’s event loop for extended periods, causing a denial of service and delaying all other requests.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Ray’s HTTP API endpoint handling (e.g. /api/jobs, /api/job_agent/jobs/), which allows a remote attacker to trigger arbitrary code execution when a developer using Ray visits a malicious website in a vulnerable browser (e.g. Firefox or Safari). The root cause is an insufficient defense relying solely on the User-Agent header starting with “Mozilla”, which can be manipulated under the fetch specification — enabling a DNS-rebinding attack to bypass browser-based protections.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A denial of service vulnerability has been discovered in the python Starlette framework. an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's FileResponse Range parsing/merging logic. This induces CPU exhaustion per request, causing a denial‑of‑service for endpoints serving files.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
|
A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model's configuration, even when explicit security measures are set to prevent it.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
|
A decompression based denial of service flaw has been discovered in the AIOHTTP python library. Library versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in protobuf. A remote attacker can exploit this denial-of-service (DoS) vulnerability by supplying deeply nested `google.protobuf.Any` messages to the `google.protobuf.json_format.ParseDict()` function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python’s recursion stack and causing a `RecursionError`, which results in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted 1x1 pixel image to a vLLM engine serving multimodal models that use the Idefics3 vision model implementation. This leads to a tensor dimension mismatch, causing an unhandled runtime error and resulting in complete server termination, effectively a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted video URL to vLLM's multimodal endpoint. This action causes vLLM to leak a heap memory address, significantly reducing the effectiveness of Address Space Layout Randomization (ASLR). This information disclosure can then be chained with a heap overflow vulnerability to achieve remote code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). This vulnerability allows a remote attacker to achieve arbitrary code execution on the vLLM host during model loading. This occurs because vLLM loads Hugging Face `auto_map` dynamic modules without properly validating the `trust_remote_code` setting. By influencing the model repository or path, an attacker can execute malicious Python code at server startup, even before any API requests are handled.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Python-Multipart, a tool for parsing multipart form data in Python applications. This vulnerability, known as path traversal, allows a remote attacker to write uploaded files to any location on the server's file system. This exploitation occurs when specific non-default configuration options, `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`, are enabled, and a malicious filename is provided during a file upload. The primary consequence is unauthorized file creation or modification, which could lead to system compromise.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class, specifically within the load_from_url and load_from_url_async methods. An attacker can exploit differing interpretations of backslashes by Python parsing libraries used for host restrictions to bypass these restrictions. This allows the attacker to force the vLLM server to make arbitrary requests to internal network resources, potentially leading to information disclosure, denial of service, or unauthorized access within containerized environments.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AI Inference Server 3.2.2 (CUDA) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae AI Inference Server",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:3461",
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22869",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47906",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52565",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-5318",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-53905",
"url": "https://access.redhat.com/security/cve/CVE-2025-53905"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-53906",
"url": "https://access.redhat.com/security/cve/CVE-2025-53906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59425",
"url": "https://access.redhat.com/security/cve/CVE-2025-59425"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61620",
"url": "https://access.redhat.com/security/cve/CVE-2025-61620"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62164",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62372",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6242",
"url": "https://access.redhat.com/security/cve/CVE-2025-6242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62426",
"url": "https://access.redhat.com/security/cve/CVE-2025-62426"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62593",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62727",
"url": "https://access.redhat.com/security/cve/CVE-2025-62727"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66448",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69223",
"url": "https://access.redhat.com/security/cve/CVE-2025-69223"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6965",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8176",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9900",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-0994",
"url": "https://access.redhat.com/security/cve/CVE-2026-0994"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22773",
"url": "https://access.redhat.com/security/cve/CVE-2026-22773"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22778",
"url": "https://access.redhat.com/security/cve/CVE-2026-22778"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22807",
"url": "https://access.redhat.com/security/cve/CVE-2026-22807"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24486",
"url": "https://access.redhat.com/security/cve/CVE-2026-24486"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24779",
"url": "https://access.redhat.com/security/cve/CVE-2026-24779"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25990",
"url": "https://access.redhat.com/security/cve/CVE-2026-25990"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-48022",
"url": "https://access.redhat.com/security/cve/CVE-2023-48022"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-52355",
"url": "https://access.redhat.com/security/cve/CVE-2023-52355"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-52356",
"url": "https://access.redhat.com/security/cve/CVE-2023-52356"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56433",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15467",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/products/ai/inference-server",
"url": "https://www.redhat.com/en/products/ai/inference-server"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3461.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AI Inference Server 3.2.2 (CUDA)",
"tracking": {
"current_release_date": "2026-07-18T13:02:37+00:00",
"generator": {
"date": "2026-07-18T13:02:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.7"
}
},
"id": "RHSA-2026:3461",
"initial_release_date": "2026-02-27T14:54:46+00:00",
"revision_history": [
{
"date": "2026-02-27T14:54:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-27T14:54:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-18T13:02:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AI Inference Server 3.2",
"product": {
"name": "Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ai_inference_server:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat AI Inference Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"product_id": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-cuda-rhel9@sha256%3Adcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7?arch=amd64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=1772160593"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64",
"product_id": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-cuda-rhel9@sha256%3Afa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f?arch=arm64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=1772160593"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48022",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2025-08-07T17:35:20.588000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ray. The job submission API allows a remote attacker to execute arbitrary code due to insufficient input validation. An unauthenticated attacker can trigger this vulnerability by sending a malicious job submission request. Successful exploitation results in arbitrary code execution on the affected Ray cluster.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ray: Ray Job Submission Arbitrary Code Execution",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48022"
},
{
"category": "external",
"summary": "RHBZ#2387122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48022",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022"
}
],
"release_date": "2025-08-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ray: Ray Job Submission Arbitrary Code Execution"
},
{
"cve": "CVE-2023-52355",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-11-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2251326"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified out-of-memory vulnerability in libtiff, triggered by a crafted TIFF file passed to the TIFFRasterScanlineSize64() API, presents a moderate severity concern rather than a important one due to several factors. Primarily, the exploit requires the crafted input to be smaller than 379 KB, imposing a limitation on the potential impact and reducing the likelihood of successful exploitation in practical scenarios. Furthermore, the nature of the vulnerability is limited to denial-of-service attacks, which, although disruptive, do not inherently pose a direct risk of data compromise or system compromise. However, it\u0027s important to acknowledge that denial-of-service attacks can still have significant operational implications, particularly in environments reliant on continuous availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52355"
},
{
"category": "external",
"summary": "RHBZ#2251326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52355"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52355",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52355"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/621",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/621"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM"
},
{
"cve": "CVE-2023-52356",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2023-11-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2251344"
}
],
"notes": [
{
"category": "description",
"text": "A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw allows an attacker to potentially cause a denial of service attack by crashing a program, but the impact is minimal.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52356"
},
{
"category": "external",
"summary": "RHBZ#2251344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52356",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52356"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/622",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/622"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service"
},
{
"cve": "CVE-2024-56433",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2024-12-26T09:00:54.065197+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2334165"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "RHBZ#2334165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241",
"url": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/issues/1157",
"url": "https://github.com/shadow-maint/shadow/issues/1157"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/releases/tag/4.4",
"url": "https://github.com/shadow-maint/shadow/releases/tag/4.4"
}
],
"release_date": "2024-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise"
},
{
"acknowledgments": [
{
"names": [
"Ronald Crane"
]
}
],
"cve": "CVE-2025-5318",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-05-29T06:48:59.169000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369131"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libssh: out-of-bounds read in sftp_handle()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue requires an attacker with valid credentials to access a server, limiting the scope to legitimate users of the SFTP service. Due to this reason, this flaw has been rated with a Moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "RHBZ#2369131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369131"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt",
"url": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt"
}
],
"release_date": "2025-06-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libssh: out-of-bounds read in sftp_handle()"
},
{
"cve": "CVE-2025-6242",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2025-06-18T15:26:47.633000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373716"
}
],
"notes": [
{
"category": "description",
"text": "A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project\u0027s multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: Server Side request forgery (SSRF) in MediaConnector",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated as having the severity of Important by the Red Hat Product Security team as a successful exploitation by an attacker may lead to confidential data being leaked or a denial of service. Additionally the fact a unprivileged user can trigger this vulnerability through the network also contributes for the severity.\n\nThis vulnerability has its risk amplified on orchestrated environments as pods running the vLLM may eventually communicate with each other through internal cluster routing, including services that should not have been exposed to external networks. An attacker may leverage this flaw to interact with internal services, perform network reconnaissance or trigger a denial of service by leading other internal services to fail.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6242"
},
{
"category": "external",
"summary": "RHBZ#2373716",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373716"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6242"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6242",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6242"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-3f6c-7fw2-ppm4",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-3f6c-7fw2-ppm4"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: Server Side request forgery (SSRF) in MediaConnector"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-8176",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-07-26T04:00:56.216434+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2383598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libtiff. The `get_histogram` function in `file/tiffmedian.c` exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: LibTIFF Use-After-Free Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated Important because it involves a use-after-free flaw in the get_histogram function of LibTIFF\u2019s tiffmedian tool. Successful exploitation may allow a local attacker to execute arbitrary code or cause a denial of service, leading to loss of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "RHBZ#2383598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176"
},
{
"category": "external",
"summary": "http://www.libtiff.org/",
"url": "http://www.libtiff.org/"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172",
"url": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/707",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/707"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727"
},
{
"category": "external",
"summary": "https://vuldb.com/?ctiid.317590",
"url": "https://vuldb.com/?ctiid.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?id.317590",
"url": "https://vuldb.com/?id.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?submit.621796",
"url": "https://vuldb.com/?submit.621796"
}
],
"release_date": "2025-07-26T03:32:08.851000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: LibTIFF Use-After-Free Vulnerability"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"acknowledgments": [
{
"names": [
"Gareth C"
],
"organization": "AnchorSec Ltd."
}
],
"cve": "CVE-2025-9900",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2025-09-03T02:48:12.111000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392784"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Libtiff. This vulnerability is a \"write-what-where\" condition, triggered when the library processes a specially crafted TIFF image file.\n\nBy providing an abnormally large image height value in the file\u0027s metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Libtiff Write-What-Where",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This attack requires user interaction to run the malicious TIFF image file, hence the CVE is maintained as important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "RHBZ#2392784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file",
"url": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/704",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/704"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732"
},
{
"category": "external",
"summary": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html",
"url": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html"
}
],
"release_date": "2025-09-22T14:29:35.767000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: Libtiff Write-What-Where"
},
{
"cve": "CVE-2025-15467",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-01-16T14:21:50.710000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. On Red Hat Enterprise Linux, OpenSSL is built with stack protections enabled which mitigate the risk of code execution though a denial-of-service condition remains possible. This vulnerability only affects applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers, such as Kerberos using the PKINIT plugin. OpenSSL versions 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "RHBZ#2430376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467"
}
],
"release_date": "2026-01-27T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-47906",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2025-09-18T19:00:47.541046+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396546"
}
],
"notes": [
{
"category": "description",
"text": "A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath (\"\", \".\", and \"..\"), can result in the binaries listed in the PATH being unexpectedly returned.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "os/exec: Unexpected paths returned from LookPath in os/exec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "RHBZ#2396546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://go.dev/cl/691775",
"url": "https://go.dev/cl/691775"
},
{
"category": "external",
"summary": "https://go.dev/issue/74466",
"url": "https://go.dev/issue/74466"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3956",
"url": "https://pkg.go.dev/vuln/GO-2025-3956"
}
],
"release_date": "2025-09-18T18:41:11.847000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "os/exec: Unexpected paths returned from LookPath in os/exec"
},
{
"cve": "CVE-2025-52565",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.653000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape with malicious config due to /dev/console mount and related races",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "RHBZ#2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape with malicious config due to /dev/console mount and related races"
},
{
"cve": "CVE-2025-53905",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-07-15T21:01:19.770241+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380362"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vim: Vim path traversial",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-53905"
},
{
"category": "external",
"summary": "RHBZ#2380362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380362"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-53905",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53905"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/commit/87757c6b0a4b2c1f71c72ea8e1438b8fb116b239",
"url": "https://github.com/vim/vim/commit/87757c6b0a4b2c1f71c72ea8e1438b8fb116b239"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/security/advisories/GHSA-74v4-f3x9-ppvr",
"url": "https://github.com/vim/vim/security/advisories/GHSA-74v4-f3x9-ppvr"
}
],
"release_date": "2025-07-15T20:48:34.764000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vim: Vim path traversial"
},
{
"cve": "CVE-2025-53906",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-07-15T21:01:15.057182+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380360"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vim: Vim path traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-53906"
},
{
"category": "external",
"summary": "RHBZ#2380360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-53906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53906"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8",
"url": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86",
"url": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86"
}
],
"release_date": "2025-07-15T20:52:40.137000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vim: Vim path traversal"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classified as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-59425",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2025-09-22T06:45:41.577000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2397234"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM\u2019s API token authentication logic, where token comparisons were not performed in constant time. This weakness could allow an attacker to exploit timing differences to guess valid tokens and bypass authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: Timing Attack in vLLM API Token Verification Leading to Authentication Bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The RedHat security team has rated the severity of this issue as Important. The vulnerability is remotely exploitable without authentication or user interaction and can result in authentication bypass. The root cause was the use of a non-constant-time string comparison, which leaked timing information. Successful exploitation could lead to unauthorized access to APIs and sensitive resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59425"
},
{
"category": "external",
"summary": "RHBZ#2397234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59425"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48",
"url": "https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-wr9h-g72x-mwhm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-wr9h-g72x-mwhm"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: Timing Attack in vLLM API Token Verification Leading to Authentication Bypass"
},
{
"acknowledgments": [
{
"names": [
"keymoon",
"Ga_ryo",
"Isotr0py",
"DarkLight1337"
]
}
],
"cve": "CVE-2025-61620",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-06T05:59:34.077000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401761"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the server implementation of vLLM, where the handling of Jinja templates does not properly validate user-supplied input through the chat_template and chat_template_kwargs parameters. When a specially crafted template is processed, it can trigger excessive looping or recursion inside the Jinja engine, consuming large amounts of CPU and memory. This can cause the server to become unresponsive or crash, resulting in a denial-of-service (DoS) condition for applications using vLLM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM OpenAI-Compatible Server Resource Exhaustion via chat_template Parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has assessed the severity of this vulnerability as Moderate, as it requires authenticated access or the ability to supply templates to the vLLM server. Successful exploitation allows an attacker to exhaust system resources by submitting maliciously crafted Jinja templates that trigger excessive CPU and memory usage. The vulnerability\u2019s root cause is the lack of proper validation and sandboxing of user-supplied template data, which can lead to denial of service (DoS) conditions affecting the availability of services built on vLLM.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61620"
},
{
"category": "external",
"summary": "RHBZ#2401761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61620"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61620",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61620"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-6fvq-23cw-5628",
"url": "https://github.com/advisories/GHSA-6fvq-23cw-5628"
}
],
"release_date": "2025-10-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM OpenAI-Compatible Server Resource Exhaustion via chat_template Parameters"
},
{
"cve": "CVE-2025-62164",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-11-21T02:01:11.280042+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416282"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered important rather than moderate because it involves unsafe deserialization leading to memory corruption in a network-reachable, unauthenticated API path. Unlike typical moderate flaws that may only allow limited DoS or require specific conditions, this issue allows an attacker to supply a crafted sparse tensor that triggers an out-of-bounds memory write during PyTorch\u2019s to_dense() conversion. Memory corruption in a server process handling untrusted input significantly elevates security risk because it can lead not only to a reliable crash but also to potential remote code execution, enabling full compromise of the vLLM service. Additionally, the affected code path is part of the standard Completions API workflow, making the attack surface broadly exposed in real deployments. The combination of remote exploitability, unauthenticated access, memory corruption, and potential RCE clearly positions this issue above a moderate classification and into an important severity level.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "RHBZ#2416282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62164"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf"
}
],
"release_date": "2025-11-21T01:18:38.803000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE"
},
{
"cve": "CVE-2025-62372",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2025-11-21T02:00:57.180567+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416280"
}
],
"notes": [
{
"category": "description",
"text": "A denial-of-service vulnerability in vLLM allows an attacker with API access to crash the engine by submitting multimodal embedding tensors that have the correct number of dimensions but an invalid internal shape. Because vLLM validates only the tensor\u2019s ndim and not the full expected shape, malformed embeddings trigger shape mismatches or validation failures during processing, causing the inference engine to terminate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated Moderate rather than Important because its impact is strictly limited to availability and requires low but existing privileges to exploit. The issue arises from incomplete shape validation of multimodal embedding tensors, which can cause deterministic crashes in the inference engine, but it does not enable memory corruption, data leakage, integrity compromise, or execution of arbitrary code. Exploitation requires an authenticated or API-key-holding user to submit malformed multimodal inputs, meaning it cannot be triggered by an unauthenticated attacker on an exposed endpoint. Additionally, the failure mode is a clean crash rather than undefined behavior, so the blast radius is constrained to service interruption rather than broader systemic compromise. These factors\u2014PR:L requirement, no confidentiality/integrity impact, deterministic failure mode, and scoped DoS only\u2014technically align the issue with Moderate severity instead of an Important flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "RHBZ#2416280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416280"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/6613",
"url": "https://github.com/vllm-project/vllm/pull/6613"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw"
}
],
"release_date": "2025-11-21T01:22:37.121000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs"
},
{
"cve": "CVE-2025-62426",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-11-21T02:00:49.606988+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416278"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in vLLM allows an authenticated user to trigger unintended tokenization during chat template processing by supplying crafted chat_template_kwargs to the /v1/chat/completions or /tokenize endpoints. By forcing the server to tokenize very large inputs, an attacker can block the API server\u2019s event loop for extended periods, causing a denial of service and delaying all other requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw is limited to a denial-of-service vector that requires an authenticated user and relies on abusing an optional, non-security-critical parameter (chat_template_kwargs) to force unexpected tokenization during template application, which is computationally expensive but not indicative of data corruption, privilege escalation, or code execution. The attacker cannot break isolation boundaries or execute arbitrary logic\u2014they can only cause the server\u2019s event loop to stall through large crafted inputs, and only if they already have access to the vLLM API. Moreover, the DoS condition is resource-intensive, depends heavily on model size and server configuration, and does not persist once the malicious request completes. Because the impact is bounded to temporary availability degradation without confidentiality or integrity loss, and because exploitation requires legitimate API access and large payloads, this issue aligns with a Moderate severity rather than an Important/High flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62426"
},
{
"category": "external",
"summary": "RHBZ#2416278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62426"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62426",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62426"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/chat_utils.py#L1602-L1610",
"url": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/chat_utils.py#L1602-L1610"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/openai/serving_engine.py#L809-L814",
"url": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/openai/serving_engine.py#L809-L814"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/3ada34f9cb4d1af763fdfa3b481862a93eb6bd2b",
"url": "https://github.com/vllm-project/vllm/commit/3ada34f9cb4d1af763fdfa3b481862a93eb6bd2b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27205",
"url": "https://github.com/vllm-project/vllm/pull/27205"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-69j4-grxj-j64p",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-69j4-grxj-j64p"
}
],
"release_date": "2025-11-21T01:21:29.546000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`"
},
{
"cve": "CVE-2025-62593",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-11-26T23:01:25.307125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417394"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Ray\u2019s HTTP API endpoint handling (e.g. /api/jobs, /api/job_agent/jobs/), which allows a remote attacker to trigger arbitrary code execution when a developer using Ray visits a malicious website in a vulnerable browser (e.g. Firefox or Safari). The root cause is an insufficient defense relying solely on the User-Agent header starting with \u201cMozilla\u201d, which can be manipulated under the fetch specification \u2014 enabling a DNS-rebinding attack to bypass browser-based protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has chosen to keep this as Important instead of Critical severity because the successful exploitation of this vulnerability requires user interaction in conjunction with a DNS rebinding attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "RHBZ#2417394",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417394"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62593",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62593"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09",
"url": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v",
"url": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v"
}
],
"release_date": "2025-11-26T22:28:28.577000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack"
},
{
"cve": "CVE-2025-62727",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"discovery_date": "2025-10-28T21:01:03.833849+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406929"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability has been discovered in the python Starlette framework. an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette\u0027s FileResponse Range parsing/merging logic. This induces CPU exhaustion per request, causing a denial\u2011of\u2011service for endpoints serving files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "starlette: Starlette DoS via Range header merging",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62727"
},
{
"category": "external",
"summary": "RHBZ#2406929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406929"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5",
"url": "https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8",
"url": "https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8"
}
],
"release_date": "2025-10-28T20:14:53.655000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "starlette: Starlette DoS via Range header merging"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66448",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-12-01T23:01:07.198041+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418152"
}
],
"notes": [
{
"category": "description",
"text": "A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model\u0027s configuration, even when explicit security measures are set to prevent it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Remote Code Execution via malicious model configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat because vLLM, when deployed in a Red Hat environment, is susceptible to remote code execution. An attacker can craft a malicious model configuration that, when loaded, fetches and executes arbitrary Python code from a remote repository, even if `trust_remote_code` is explicitly set to `False`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "RHBZ#2418152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86",
"url": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/28126",
"url": "https://github.com/vllm-project/vllm/pull/28126"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm"
}
],
"release_date": "2025-12-01T22:45:42.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: vLLM: Remote Code Execution via malicious model configuration"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in urllib3\u0027s streaming API that can lead to excessive resource consumption, including high CPU usage and significant memory allocation. When processing highly compressed data from untrusted sources, even small requested chunks can trigger full decompression, posing a denial-of-service risk to client-side applications utilizing affected urllib3 versions prior to 2.6.0.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2025-69223",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-06T20:01:19.831548+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427456"
}
],
"notes": [
{
"category": "description",
"text": "A decompression based denial of service flaw has been discovered in the AIOHTTP python library. Library versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "aiohttp: AIOHTTP\u0027s HTTP Parser auto_decompress feature is vulnerable to zip bomb",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69223"
},
{
"category": "external",
"summary": "RHBZ#2427456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427456"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69223"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69223",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69223"
},
{
"category": "external",
"summary": "https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a",
"url": "https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a"
},
{
"category": "external",
"summary": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6mq8-rvhq-8wgg",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6mq8-rvhq-8wgg"
}
],
"release_date": "2026-01-05T22:00:17.715000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "aiohttp: AIOHTTP\u0027s HTTP Parser auto_decompress feature is vulnerable to zip bomb"
},
{
"cve": "CVE-2026-0994",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2026-01-23T16:02:59.235878+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2432398"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in protobuf. A remote attacker can exploit this denial-of-service (DoS) vulnerability by supplying deeply nested `google.protobuf.Any` messages to the `google.protobuf.json_format.ParseDict()` function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python\u2019s recursion stack and causing a `RecursionError`, which results in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: protobuf: Protobuf: Denial of Service due to recursion depth bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in `protobuf` allows a remote attacker to trigger a denial-of-service by providing specially crafted, deeply nested `google.protobuf.Any` messages to the `google.protobuf.json_format.ParseDict()` function. This bypasses the intended recursion depth limit, leading to resource exhaustion and application crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0994"
},
{
"category": "external",
"summary": "RHBZ#2432398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2432398"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0994",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0994"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/pull/25239",
"url": "https://github.com/protocolbuffers/protobuf/pull/25239"
}
],
"release_date": "2026-01-23T14:55:16.876000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python: protobuf: Protobuf: Denial of Service due to recursion depth bypass"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-22773",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-10T07:01:22.641229+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428443"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted 1x1 pixel image to a vLLM engine serving multimodal models that use the Idefics3 vision model implementation. This leads to a tensor dimension mismatch, causing an unhandled runtime error and resulting in complete server termination, effectively a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Denial of Service via specially crafted image in multimodal model serving",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat products. A remote attacker can trigger a denial of service in vLLM engines serving multimodal models that use the Idefics3 vision model by sending a specially crafted image, leading to complete server termination. This affects Red Hat AI Inference Server and Red Hat OpenShift AI (RHOAI) when configured with the vulnerable vLLM versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22773"
},
{
"category": "external",
"summary": "RHBZ#2428443",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428443"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22773",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22773"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22773",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22773"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-grg2-63fw-f2qr",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-grg2-63fw-f2qr"
}
],
"release_date": "2026-01-10T06:39:02.276000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM: Denial of Service via specially crafted image in multimodal model serving"
},
{
"cve": "CVE-2026-22778",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2026-02-03T00:01:43.512265+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436113"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted video URL to vLLM\u0027s multimodal endpoint. This action causes vLLM to leak a heap memory address, significantly reducing the effectiveness of Address Space Layout Randomization (ASLR). This information disclosure can then be chained with a heap overflow vulnerability to achieve remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vLLM: vLLM: Remote code execution via invalid image processing in the multimodal endpoint.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Critical rather than Important because it allows unauthenticated remote code execution without requiring user interaction, ultimately leading to full compromise of the affected system. An attacker can provide a malicious video URL to a vulnerable vLLM inference endpoint, which causes the service to automatically retrieve and process attacker-controlled media content. During decoding, a heap overflow is triggered in the underlying video processing stack, enabling corruption of heap memory and potential overwriting of control structures to execute arbitrary commands on the host. In addition, an information disclosure condition can leak memory addresses, significantly weakening ASLR protections and making exploitation more reliable when combined with the heap overflow. Successful exploitation compromises the confidentiality, integrity, and availability of the system and can impact deployments such as Red Hat AI Inference Server, Red Hat Enterprise Linux AI, and Red Hat OpenShift AI, thereby meeting Red Hat\u2019s criteria for Critical severity rather than Important impact.\n\nThe vLLM vulnerability depends on CVE-2025-9951, as processing attacker-controlled media can trigger the JPEG2000 decoder heap overflow, which can then be exploited within the vLLM video handling pipeline to cause memory corruption and potentially achieve remote code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22778"
},
{
"category": "external",
"summary": "RHBZ#2436113",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436113"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22778",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22778"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22778",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22778"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/31987",
"url": "https://github.com/vllm-project/vllm/pull/31987"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/32319",
"url": "https://github.com/vllm-project/vllm/pull/32319"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/releases/tag/v0.14.1",
"url": "https://github.com/vllm-project/vllm/releases/tag/v0.14.1"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-4r2x-xpjr-7cvv",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-4r2x-xpjr-7cvv"
}
],
"release_date": "2026-02-02T21:09:53.265000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "vLLM: vLLM: Remote code execution via invalid image processing in the multimodal endpoint."
},
{
"cve": "CVE-2026-22807",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-01-21T22:00:55.823882+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431865"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). This vulnerability allows a remote attacker to achieve arbitrary code execution on the vLLM host during model loading. This occurs because vLLM loads Hugging Face `auto_map` dynamic modules without properly validating the `trust_remote_code` setting. By influencing the model repository or path, an attacker can execute malicious Python code at server startup, even before any API requests are handled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vLLM: vLLM: Arbitrary code execution via untrusted model loading",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as vLLM, an inference and serving engine for large language models, is vulnerable to arbitrary code execution. An attacker influencing the model repository or path can execute malicious Python code during server startup, affecting vLLM versions 0.10.1 through 0.13.x.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22807"
},
{
"category": "external",
"summary": "RHBZ#2431865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431865"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22807",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22807"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/78d13ea9de4b1ce5e4d8a5af9738fea71fb024e5",
"url": "https://github.com/vllm-project/vllm/commit/78d13ea9de4b1ce5e4d8a5af9738fea71fb024e5"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/32194",
"url": "https://github.com/vllm-project/vllm/pull/32194"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/releases/tag/v0.14.0",
"url": "https://github.com/vllm-project/vllm/releases/tag/v0.14.0"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-2pc9-4j83-qjmr",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-2pc9-4j83-qjmr"
}
],
"release_date": "2026-01-21T21:13:11.894000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "To mitigate this issue, ensure that vLLM instances are configured to load models only from trusted and verified repositories. Restrict access to the model repository path to prevent unauthorized modification or introduction of malicious code. Implement strict access controls and integrity checks for all model sources.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vLLM: vLLM: Arbitrary code execution via untrusted model loading"
},
{
"cve": "CVE-2026-24049",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-22T05:00:54.709179+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431959"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "RHBZ#2431959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
}
],
"release_date": "2026-01-22T04:02:08.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
},
{
"cve": "CVE-2026-24486",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-27T01:00:58.032530+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Multipart, a tool for parsing multipart form data in Python applications. This vulnerability, known as path traversal, allows a remote attacker to write uploaded files to any location on the server\u0027s file system. This exploitation occurs when specific non-default configuration options, `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`, are enabled, and a malicious filename is provided during a file upload. The primary consequence is unauthorized file creation or modification, which could lead to system compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-multipart: Python-Multipart: Arbitrary file write via path traversal vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24486"
},
{
"category": "external",
"summary": "RHBZ#2433132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24486",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24486"
},
{
"category": "external",
"summary": "https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4",
"url": "https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4"
},
{
"category": "external",
"summary": "https://github.com/Kludex/python-multipart/releases/tag/0.0.22",
"url": "https://github.com/Kludex/python-multipart/releases/tag/0.0.22"
},
{
"category": "external",
"summary": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-wp53-j4wj-2cfg",
"url": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-wp53-j4wj-2cfg"
}
],
"release_date": "2026-01-27T00:34:06.229000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, avoid enabling the `UPLOAD_KEEP_FILENAME=True` configuration option in applications using `python-multipart`. This option, when used with `UPLOAD_DIR`, allows an attacker to write files to arbitrary locations. Disabling or not configuring `UPLOAD_KEEP_FILENAME=True` prevents the path traversal vulnerability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-multipart: Python-Multipart: Arbitrary file write via path traversal vulnerability"
},
{
"cve": "CVE-2026-24779",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-01-27T23:00:53.998772+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class, specifically within the load_from_url and load_from_url_async methods. An attacker can exploit differing interpretations of backslashes by Python parsing libraries used for host restrictions to bypass these restrictions. This allows the attacker to force the vLLM server to make arbitrary requests to internal network resources, potentially leading to information disclosure, denial of service, or unauthorized access within containerized environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vLLM: vLLM: Server-Side Request Forgery allows internal network access",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT Server-Side Request Forgery (SSRF) vulnerability in vLLM\u0027s `MediaConnector` allows an attacker to bypass host restrictions when processing user-provided URLs. This enables the vLLM server to be coerced into making arbitrary requests to internal network resources. This is critical in containerized deployments, including Red Hat AI Inference Server, Red Hat Enterprise Linux AI, and Red Hat OpenShift AI, where it could facilitate internal network reconnaissance and unauthorized access to other services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24779"
},
{
"category": "external",
"summary": "RHBZ#2433624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24779",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24779"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24779",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24779"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/f46d576c54fb8aeec5fc70560e850bed38ef17d7",
"url": "https://github.com/vllm-project/vllm/commit/f46d576c54fb8aeec5fc70560e850bed38ef17d7"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/32746",
"url": "https://github.com/vllm-project/vllm/pull/32746"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-qh4c-xf7m-gxfc",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-qh4c-xf7m-gxfc"
}
],
"release_date": "2026-01-27T22:01:13.808000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "To mitigate this issue, restrict network access to the vLLM service to only trusted clients. Implement strict network segmentation for vLLM pods in containerized environments to limit potential lateral movement. Ensure that vLLM instances are not exposed to untrusted external networks without proper access controls and input validation at the perimeter.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vLLM: vLLM: Server-Side Request Forgery allows internal network access"
},
{
"cve": "CVE-2026-25990",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-02-11T21:05:39.535631+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439170"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25990"
},
{
"category": "external",
"summary": "RHBZ#2439170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439170"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25990"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa",
"url": "https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc"
}
],
"release_date": "2026-02-11T20:53:52.524000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:54:46+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3461",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:fa844e16d06e871f1a5dbc2fd5b3882d28112eee8d6bee601d94c96295c5e24f_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image"
}
]
}
RHSA-2026:3462
Vulnerability from csaf_redhat - Published: 2026-02-27 14:55 - Updated: 2026-07-18 13:02A flaw was found in ray. The job submission API allows a remote attacker to execute arbitrary code due to insufficient input validation. An unauthenticated attacker can trigger this vulnerability by sending a malicious job submission request. Successful exploitation results in arbitrary code execution on the affected Ray cluster.
CWE-918 - Server-Side Request Forgery (SSRF)| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
|
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
|
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
|
A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.
CWE-1188 - Initialization of a Resource with an Insecure Default| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
|
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in libtiff. The `get_histogram` function in `file/tiffmedian.c` exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath ("", ".", and ".."), can result in the binaries listed in the PATH being unexpectedly returned.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM’s API token authentication logic, where token comparisons were not performed in constant time. This weakness could allow an attacker to exploit timing differences to guess valid tokens and bypass authentication.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the server implementation of vLLM, where the handling of Jinja templates does not properly validate user-supplied input through the chat_template and chat_template_kwargs parameters. When a specially crafted template is processed, it can trigger excessive looping or recursion inside the Jinja engine, consuming large amounts of CPU and memory. This can cause the server to become unresponsive or crash, resulting in a denial-of-service (DoS) condition for applications using vLLM.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A denial-of-service vulnerability in vLLM allows an attacker with API access to crash the engine by submitting multimodal embedding tensors that have the correct number of dimensions but an invalid internal shape. Because vLLM validates only the tensor’s ndim and not the full expected shape, malformed embeddings trigger shape mismatches or validation failures during processing, causing the inference engine to terminate.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability in vLLM allows an authenticated user to trigger unintended tokenization during chat template processing by supplying crafted chat_template_kwargs to the /v1/chat/completions or /tokenize endpoints. By forcing the server to tokenize very large inputs, an attacker can block the API server’s event loop for extended periods, causing a denial of service and delaying all other requests.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Ray’s HTTP API endpoint handling (e.g. /api/jobs, /api/job_agent/jobs/), which allows a remote attacker to trigger arbitrary code execution when a developer using Ray visits a malicious website in a vulnerable browser (e.g. Firefox or Safari). The root cause is an insufficient defense relying solely on the User-Agent header starting with “Mozilla”, which can be manipulated under the fetch specification — enabling a DNS-rebinding attack to bypass browser-based protections.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A denial of service vulnerability has been discovered in the python Starlette framework. an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's FileResponse Range parsing/merging logic. This induces CPU exhaustion per request, causing a denial‑of‑service for endpoints serving files.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
|
A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model's configuration, even when explicit security measures are set to prevent it.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
|
A decompression based denial of service flaw has been discovered in the AIOHTTP python library. Library versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in protobuf. A remote attacker can exploit this denial-of-service (DoS) vulnerability by supplying deeply nested `google.protobuf.Any` messages to the `google.protobuf.json_format.ParseDict()` function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python’s recursion stack and causing a `RecursionError`, which results in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted 1x1 pixel image to a vLLM engine serving multimodal models that use the Idefics3 vision model implementation. This leads to a tensor dimension mismatch, causing an unhandled runtime error and resulting in complete server termination, effectively a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted video URL to vLLM's multimodal endpoint. This action causes vLLM to leak a heap memory address, significantly reducing the effectiveness of Address Space Layout Randomization (ASLR). This information disclosure can then be chained with a heap overflow vulnerability to achieve remote code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). This vulnerability allows a remote attacker to achieve arbitrary code execution on the vLLM host during model loading. This occurs because vLLM loads Hugging Face `auto_map` dynamic modules without properly validating the `trust_remote_code` setting. By influencing the model repository or path, an attacker can execute malicious Python code at server startup, even before any API requests are handled.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Python-Multipart, a tool for parsing multipart form data in Python applications. This vulnerability, known as path traversal, allows a remote attacker to write uploaded files to any location on the server's file system. This exploitation occurs when specific non-default configuration options, `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`, are enabled, and a malicious filename is provided during a file upload. The primary consequence is unauthorized file creation or modification, which could lead to system compromise.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class, specifically within the load_from_url and load_from_url_async methods. An attacker can exploit differing interpretations of backslashes by Python parsing libraries used for host restrictions to bypass these restrictions. This allows the attacker to force the vLLM server to make arbitrary requests to internal network resources, potentially leading to information disclosure, denial of service, or unauthorized access within containerized environments.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AI Inference Server 3.2.2 (ROCm) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae AI Inference Server",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:3462",
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-48022",
"url": "https://access.redhat.com/security/cve/CVE-2023-48022"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-52355",
"url": "https://access.redhat.com/security/cve/CVE-2023-52355"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-52356",
"url": "https://access.redhat.com/security/cve/CVE-2023-52356"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56433",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15467",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22869",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47906",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52565",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-5318",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-53905",
"url": "https://access.redhat.com/security/cve/CVE-2025-53905"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-53906",
"url": "https://access.redhat.com/security/cve/CVE-2025-53906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59425",
"url": "https://access.redhat.com/security/cve/CVE-2025-59425"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61620",
"url": "https://access.redhat.com/security/cve/CVE-2025-61620"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62164",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62372",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6242",
"url": "https://access.redhat.com/security/cve/CVE-2025-6242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62426",
"url": "https://access.redhat.com/security/cve/CVE-2025-62426"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62593",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62727",
"url": "https://access.redhat.com/security/cve/CVE-2025-62727"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66448",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69223",
"url": "https://access.redhat.com/security/cve/CVE-2025-69223"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6965",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8176",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9900",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-0994",
"url": "https://access.redhat.com/security/cve/CVE-2026-0994"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22773",
"url": "https://access.redhat.com/security/cve/CVE-2026-22773"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22778",
"url": "https://access.redhat.com/security/cve/CVE-2026-22778"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22807",
"url": "https://access.redhat.com/security/cve/CVE-2026-22807"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24486",
"url": "https://access.redhat.com/security/cve/CVE-2026-24486"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24779",
"url": "https://access.redhat.com/security/cve/CVE-2026-24779"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25990",
"url": "https://access.redhat.com/security/cve/CVE-2026-25990"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/products/ai/inference-server",
"url": "https://www.redhat.com/en/products/ai/inference-server"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3462.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AI Inference Server 3.2.2 (ROCm)",
"tracking": {
"current_release_date": "2026-07-18T13:02:39+00:00",
"generator": {
"date": "2026-07-18T13:02:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.7"
}
},
"id": "RHSA-2026:3462",
"initial_release_date": "2026-02-27T14:55:49+00:00",
"revision_history": [
{
"date": "2026-02-27T14:55:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-27T14:55:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-18T13:02:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AI Inference Server 3.2",
"product": {
"name": "Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ai_inference_server:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat AI Inference Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64",
"product_id": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-rocm-rhel9@sha256%3A53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a?arch=amd64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=1772160625"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48022",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2025-08-07T17:35:20.588000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ray. The job submission API allows a remote attacker to execute arbitrary code due to insufficient input validation. An unauthenticated attacker can trigger this vulnerability by sending a malicious job submission request. Successful exploitation results in arbitrary code execution on the affected Ray cluster.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ray: Ray Job Submission Arbitrary Code Execution",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48022"
},
{
"category": "external",
"summary": "RHBZ#2387122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48022",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022"
}
],
"release_date": "2025-08-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ray: Ray Job Submission Arbitrary Code Execution"
},
{
"cve": "CVE-2023-52355",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-11-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2251326"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified out-of-memory vulnerability in libtiff, triggered by a crafted TIFF file passed to the TIFFRasterScanlineSize64() API, presents a moderate severity concern rather than a important one due to several factors. Primarily, the exploit requires the crafted input to be smaller than 379 KB, imposing a limitation on the potential impact and reducing the likelihood of successful exploitation in practical scenarios. Furthermore, the nature of the vulnerability is limited to denial-of-service attacks, which, although disruptive, do not inherently pose a direct risk of data compromise or system compromise. However, it\u0027s important to acknowledge that denial-of-service attacks can still have significant operational implications, particularly in environments reliant on continuous availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52355"
},
{
"category": "external",
"summary": "RHBZ#2251326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52355"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52355",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52355"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/621",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/621"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM"
},
{
"cve": "CVE-2023-52356",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2023-11-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2251344"
}
],
"notes": [
{
"category": "description",
"text": "A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw allows an attacker to potentially cause a denial of service attack by crashing a program, but the impact is minimal.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52356"
},
{
"category": "external",
"summary": "RHBZ#2251344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52356",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52356"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/622",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/622"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service"
},
{
"cve": "CVE-2024-56433",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2024-12-26T09:00:54.065197+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2334165"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "RHBZ#2334165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241",
"url": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/issues/1157",
"url": "https://github.com/shadow-maint/shadow/issues/1157"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/releases/tag/4.4",
"url": "https://github.com/shadow-maint/shadow/releases/tag/4.4"
}
],
"release_date": "2024-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise"
},
{
"acknowledgments": [
{
"names": [
"Ronald Crane"
]
}
],
"cve": "CVE-2025-5318",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-05-29T06:48:59.169000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369131"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libssh: out-of-bounds read in sftp_handle()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue requires an attacker with valid credentials to access a server, limiting the scope to legitimate users of the SFTP service. Due to this reason, this flaw has been rated with a Moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "RHBZ#2369131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369131"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt",
"url": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt"
}
],
"release_date": "2025-06-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libssh: out-of-bounds read in sftp_handle()"
},
{
"cve": "CVE-2025-6242",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2025-06-18T15:26:47.633000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373716"
}
],
"notes": [
{
"category": "description",
"text": "A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project\u0027s multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: Server Side request forgery (SSRF) in MediaConnector",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated as having the severity of Important by the Red Hat Product Security team as a successful exploitation by an attacker may lead to confidential data being leaked or a denial of service. Additionally the fact a unprivileged user can trigger this vulnerability through the network also contributes for the severity.\n\nThis vulnerability has its risk amplified on orchestrated environments as pods running the vLLM may eventually communicate with each other through internal cluster routing, including services that should not have been exposed to external networks. An attacker may leverage this flaw to interact with internal services, perform network reconnaissance or trigger a denial of service by leading other internal services to fail.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6242"
},
{
"category": "external",
"summary": "RHBZ#2373716",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373716"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6242"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6242",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6242"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-3f6c-7fw2-ppm4",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-3f6c-7fw2-ppm4"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: Server Side request forgery (SSRF) in MediaConnector"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-8176",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-07-26T04:00:56.216434+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2383598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libtiff. The `get_histogram` function in `file/tiffmedian.c` exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: LibTIFF Use-After-Free Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated Important because it involves a use-after-free flaw in the get_histogram function of LibTIFF\u2019s tiffmedian tool. Successful exploitation may allow a local attacker to execute arbitrary code or cause a denial of service, leading to loss of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "RHBZ#2383598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176"
},
{
"category": "external",
"summary": "http://www.libtiff.org/",
"url": "http://www.libtiff.org/"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172",
"url": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/707",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/707"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727"
},
{
"category": "external",
"summary": "https://vuldb.com/?ctiid.317590",
"url": "https://vuldb.com/?ctiid.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?id.317590",
"url": "https://vuldb.com/?id.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?submit.621796",
"url": "https://vuldb.com/?submit.621796"
}
],
"release_date": "2025-07-26T03:32:08.851000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: LibTIFF Use-After-Free Vulnerability"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the OpenSSL CMS implementation (RFC 3211 KEK Unwrap). This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption (PWRI).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"acknowledgments": [
{
"names": [
"Gareth C"
],
"organization": "AnchorSec Ltd."
}
],
"cve": "CVE-2025-9900",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2025-09-03T02:48:12.111000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392784"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Libtiff. This vulnerability is a \"write-what-where\" condition, triggered when the library processes a specially crafted TIFF image file.\n\nBy providing an abnormally large image height value in the file\u0027s metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Libtiff Write-What-Where",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This attack requires user interaction to run the malicious TIFF image file, hence the CVE is maintained as important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "RHBZ#2392784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file",
"url": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/704",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/704"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732"
},
{
"category": "external",
"summary": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html",
"url": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html"
}
],
"release_date": "2025-09-22T14:29:35.767000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: Libtiff Write-What-Where"
},
{
"cve": "CVE-2025-15467",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-01-16T14:21:50.710000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. On Red Hat Enterprise Linux, OpenSSL is built with stack protections enabled which mitigate the risk of code execution though a denial-of-service condition remains possible. This vulnerability only affects applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers, such as Kerberos using the PKINIT plugin. OpenSSL versions 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "RHBZ#2430376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467"
}
],
"release_date": "2026-01-27T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-47906",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2025-09-18T19:00:47.541046+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396546"
}
],
"notes": [
{
"category": "description",
"text": "A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath (\"\", \".\", and \"..\"), can result in the binaries listed in the PATH being unexpectedly returned.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "os/exec: Unexpected paths returned from LookPath in os/exec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "RHBZ#2396546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://go.dev/cl/691775",
"url": "https://go.dev/cl/691775"
},
{
"category": "external",
"summary": "https://go.dev/issue/74466",
"url": "https://go.dev/issue/74466"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3956",
"url": "https://pkg.go.dev/vuln/GO-2025-3956"
}
],
"release_date": "2025-09-18T18:41:11.847000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "os/exec: Unexpected paths returned from LookPath in os/exec"
},
{
"cve": "CVE-2025-52565",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.653000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape with malicious config due to /dev/console mount and related races",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "RHBZ#2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape with malicious config due to /dev/console mount and related races"
},
{
"cve": "CVE-2025-53905",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-07-15T21:01:19.770241+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380362"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vim: Vim path traversial",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-53905"
},
{
"category": "external",
"summary": "RHBZ#2380362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380362"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-53905",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53905"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/commit/87757c6b0a4b2c1f71c72ea8e1438b8fb116b239",
"url": "https://github.com/vim/vim/commit/87757c6b0a4b2c1f71c72ea8e1438b8fb116b239"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/security/advisories/GHSA-74v4-f3x9-ppvr",
"url": "https://github.com/vim/vim/security/advisories/GHSA-74v4-f3x9-ppvr"
}
],
"release_date": "2025-07-15T20:48:34.764000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vim: Vim path traversial"
},
{
"cve": "CVE-2025-53906",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-07-15T21:01:15.057182+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380360"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vim: Vim path traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-53906"
},
{
"category": "external",
"summary": "RHBZ#2380360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-53906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53906"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8",
"url": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86",
"url": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86"
}
],
"release_date": "2025-07-15T20:52:40.137000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vim: Vim path traversal"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classified as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-59425",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2025-09-22T06:45:41.577000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2397234"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM\u2019s API token authentication logic, where token comparisons were not performed in constant time. This weakness could allow an attacker to exploit timing differences to guess valid tokens and bypass authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: Timing Attack in vLLM API Token Verification Leading to Authentication Bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The RedHat security team has rated the severity of this issue as Important. The vulnerability is remotely exploitable without authentication or user interaction and can result in authentication bypass. The root cause was the use of a non-constant-time string comparison, which leaked timing information. Successful exploitation could lead to unauthorized access to APIs and sensitive resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59425"
},
{
"category": "external",
"summary": "RHBZ#2397234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59425"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48",
"url": "https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-wr9h-g72x-mwhm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-wr9h-g72x-mwhm"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: Timing Attack in vLLM API Token Verification Leading to Authentication Bypass"
},
{
"acknowledgments": [
{
"names": [
"keymoon",
"Ga_ryo",
"Isotr0py",
"DarkLight1337"
]
}
],
"cve": "CVE-2025-61620",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-06T05:59:34.077000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401761"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the server implementation of vLLM, where the handling of Jinja templates does not properly validate user-supplied input through the chat_template and chat_template_kwargs parameters. When a specially crafted template is processed, it can trigger excessive looping or recursion inside the Jinja engine, consuming large amounts of CPU and memory. This can cause the server to become unresponsive or crash, resulting in a denial-of-service (DoS) condition for applications using vLLM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM OpenAI-Compatible Server Resource Exhaustion via chat_template Parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has assessed the severity of this vulnerability as Moderate, as it requires authenticated access or the ability to supply templates to the vLLM server. Successful exploitation allows an attacker to exhaust system resources by submitting maliciously crafted Jinja templates that trigger excessive CPU and memory usage. The vulnerability\u2019s root cause is the lack of proper validation and sandboxing of user-supplied template data, which can lead to denial of service (DoS) conditions affecting the availability of services built on vLLM.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61620"
},
{
"category": "external",
"summary": "RHBZ#2401761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61620"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61620",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61620"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-6fvq-23cw-5628",
"url": "https://github.com/advisories/GHSA-6fvq-23cw-5628"
}
],
"release_date": "2025-10-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM OpenAI-Compatible Server Resource Exhaustion via chat_template Parameters"
},
{
"cve": "CVE-2025-62164",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-11-21T02:01:11.280042+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416282"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered important rather than moderate because it involves unsafe deserialization leading to memory corruption in a network-reachable, unauthenticated API path. Unlike typical moderate flaws that may only allow limited DoS or require specific conditions, this issue allows an attacker to supply a crafted sparse tensor that triggers an out-of-bounds memory write during PyTorch\u2019s to_dense() conversion. Memory corruption in a server process handling untrusted input significantly elevates security risk because it can lead not only to a reliable crash but also to potential remote code execution, enabling full compromise of the vLLM service. Additionally, the affected code path is part of the standard Completions API workflow, making the attack surface broadly exposed in real deployments. The combination of remote exploitability, unauthenticated access, memory corruption, and potential RCE clearly positions this issue above a moderate classification and into an important severity level.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "RHBZ#2416282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62164"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf"
}
],
"release_date": "2025-11-21T01:18:38.803000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE"
},
{
"cve": "CVE-2025-62372",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2025-11-21T02:00:57.180567+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416280"
}
],
"notes": [
{
"category": "description",
"text": "A denial-of-service vulnerability in vLLM allows an attacker with API access to crash the engine by submitting multimodal embedding tensors that have the correct number of dimensions but an invalid internal shape. Because vLLM validates only the tensor\u2019s ndim and not the full expected shape, malformed embeddings trigger shape mismatches or validation failures during processing, causing the inference engine to terminate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated Moderate rather than Important because its impact is strictly limited to availability and requires low but existing privileges to exploit. The issue arises from incomplete shape validation of multimodal embedding tensors, which can cause deterministic crashes in the inference engine, but it does not enable memory corruption, data leakage, integrity compromise, or execution of arbitrary code. Exploitation requires an authenticated or API-key-holding user to submit malformed multimodal inputs, meaning it cannot be triggered by an unauthenticated attacker on an exposed endpoint. Additionally, the failure mode is a clean crash rather than undefined behavior, so the blast radius is constrained to service interruption rather than broader systemic compromise. These factors\u2014PR:L requirement, no confidentiality/integrity impact, deterministic failure mode, and scoped DoS only\u2014technically align the issue with Moderate severity instead of an Important flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "RHBZ#2416280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416280"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/6613",
"url": "https://github.com/vllm-project/vllm/pull/6613"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw"
}
],
"release_date": "2025-11-21T01:22:37.121000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs"
},
{
"cve": "CVE-2025-62426",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-11-21T02:00:49.606988+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416278"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in vLLM allows an authenticated user to trigger unintended tokenization during chat template processing by supplying crafted chat_template_kwargs to the /v1/chat/completions or /tokenize endpoints. By forcing the server to tokenize very large inputs, an attacker can block the API server\u2019s event loop for extended periods, causing a denial of service and delaying all other requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw is limited to a denial-of-service vector that requires an authenticated user and relies on abusing an optional, non-security-critical parameter (chat_template_kwargs) to force unexpected tokenization during template application, which is computationally expensive but not indicative of data corruption, privilege escalation, or code execution. The attacker cannot break isolation boundaries or execute arbitrary logic\u2014they can only cause the server\u2019s event loop to stall through large crafted inputs, and only if they already have access to the vLLM API. Moreover, the DoS condition is resource-intensive, depends heavily on model size and server configuration, and does not persist once the malicious request completes. Because the impact is bounded to temporary availability degradation without confidentiality or integrity loss, and because exploitation requires legitimate API access and large payloads, this issue aligns with a Moderate severity rather than an Important/High flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62426"
},
{
"category": "external",
"summary": "RHBZ#2416278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62426"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62426",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62426"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/chat_utils.py#L1602-L1610",
"url": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/chat_utils.py#L1602-L1610"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/openai/serving_engine.py#L809-L814",
"url": "https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/openai/serving_engine.py#L809-L814"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/3ada34f9cb4d1af763fdfa3b481862a93eb6bd2b",
"url": "https://github.com/vllm-project/vllm/commit/3ada34f9cb4d1af763fdfa3b481862a93eb6bd2b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27205",
"url": "https://github.com/vllm-project/vllm/pull/27205"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-69j4-grxj-j64p",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-69j4-grxj-j64p"
}
],
"release_date": "2025-11-21T01:21:29.546000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`"
},
{
"cve": "CVE-2025-62593",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-11-26T23:01:25.307125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417394"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Ray\u2019s HTTP API endpoint handling (e.g. /api/jobs, /api/job_agent/jobs/), which allows a remote attacker to trigger arbitrary code execution when a developer using Ray visits a malicious website in a vulnerable browser (e.g. Firefox or Safari). The root cause is an insufficient defense relying solely on the User-Agent header starting with \u201cMozilla\u201d, which can be manipulated under the fetch specification \u2014 enabling a DNS-rebinding attack to bypass browser-based protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has chosen to keep this as Important instead of Critical severity because the successful exploitation of this vulnerability requires user interaction in conjunction with a DNS rebinding attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "RHBZ#2417394",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417394"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62593",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62593"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09",
"url": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v",
"url": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v"
}
],
"release_date": "2025-11-26T22:28:28.577000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack"
},
{
"cve": "CVE-2025-62727",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"discovery_date": "2025-10-28T21:01:03.833849+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406929"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability has been discovered in the python Starlette framework. an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette\u0027s FileResponse Range parsing/merging logic. This induces CPU exhaustion per request, causing a denial\u2011of\u2011service for endpoints serving files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "starlette: Starlette DoS via Range header merging",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62727"
},
{
"category": "external",
"summary": "RHBZ#2406929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406929"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5",
"url": "https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8",
"url": "https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8"
}
],
"release_date": "2025-10-28T20:14:53.655000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "starlette: Starlette DoS via Range header merging"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66448",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-12-01T23:01:07.198041+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418152"
}
],
"notes": [
{
"category": "description",
"text": "A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model\u0027s configuration, even when explicit security measures are set to prevent it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Remote Code Execution via malicious model configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat because vLLM, when deployed in a Red Hat environment, is susceptible to remote code execution. An attacker can craft a malicious model configuration that, when loaded, fetches and executes arbitrary Python code from a remote repository, even if `trust_remote_code` is explicitly set to `False`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "RHBZ#2418152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86",
"url": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/28126",
"url": "https://github.com/vllm-project/vllm/pull/28126"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm"
}
],
"release_date": "2025-12-01T22:45:42.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: vLLM: Remote Code Execution via malicious model configuration"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in urllib3\u0027s streaming API that can lead to excessive resource consumption, including high CPU usage and significant memory allocation. When processing highly compressed data from untrusted sources, even small requested chunks can trigger full decompression, posing a denial-of-service risk to client-side applications utilizing affected urllib3 versions prior to 2.6.0.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2025-69223",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-06T20:01:19.831548+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427456"
}
],
"notes": [
{
"category": "description",
"text": "A decompression based denial of service flaw has been discovered in the AIOHTTP python library. Library versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "aiohttp: AIOHTTP\u0027s HTTP Parser auto_decompress feature is vulnerable to zip bomb",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69223"
},
{
"category": "external",
"summary": "RHBZ#2427456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427456"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69223"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69223",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69223"
},
{
"category": "external",
"summary": "https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a",
"url": "https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a"
},
{
"category": "external",
"summary": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6mq8-rvhq-8wgg",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6mq8-rvhq-8wgg"
}
],
"release_date": "2026-01-05T22:00:17.715000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "aiohttp: AIOHTTP\u0027s HTTP Parser auto_decompress feature is vulnerable to zip bomb"
},
{
"cve": "CVE-2026-0994",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2026-01-23T16:02:59.235878+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2432398"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in protobuf. A remote attacker can exploit this denial-of-service (DoS) vulnerability by supplying deeply nested `google.protobuf.Any` messages to the `google.protobuf.json_format.ParseDict()` function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python\u2019s recursion stack and causing a `RecursionError`, which results in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: protobuf: Protobuf: Denial of Service due to recursion depth bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in `protobuf` allows a remote attacker to trigger a denial-of-service by providing specially crafted, deeply nested `google.protobuf.Any` messages to the `google.protobuf.json_format.ParseDict()` function. This bypasses the intended recursion depth limit, leading to resource exhaustion and application crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0994"
},
{
"category": "external",
"summary": "RHBZ#2432398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2432398"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0994",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0994"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/pull/25239",
"url": "https://github.com/protocolbuffers/protobuf/pull/25239"
}
],
"release_date": "2026-01-23T14:55:16.876000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python: protobuf: Protobuf: Denial of Service due to recursion depth bypass"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-22773",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-10T07:01:22.641229+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428443"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted 1x1 pixel image to a vLLM engine serving multimodal models that use the Idefics3 vision model implementation. This leads to a tensor dimension mismatch, causing an unhandled runtime error and resulting in complete server termination, effectively a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Denial of Service via specially crafted image in multimodal model serving",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate for Red Hat products. A remote attacker can trigger a denial of service in vLLM engines serving multimodal models that use the Idefics3 vision model by sending a specially crafted image, leading to complete server termination. This affects Red Hat AI Inference Server and Red Hat OpenShift AI (RHOAI) when configured with the vulnerable vLLM versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22773"
},
{
"category": "external",
"summary": "RHBZ#2428443",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428443"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22773",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22773"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22773",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22773"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-grg2-63fw-f2qr",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-grg2-63fw-f2qr"
}
],
"release_date": "2026-01-10T06:39:02.276000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM: Denial of Service via specially crafted image in multimodal model serving"
},
{
"cve": "CVE-2026-22778",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2026-02-03T00:01:43.512265+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436113"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A remote attacker can exploit this vulnerability by sending a specially crafted video URL to vLLM\u0027s multimodal endpoint. This action causes vLLM to leak a heap memory address, significantly reducing the effectiveness of Address Space Layout Randomization (ASLR). This information disclosure can then be chained with a heap overflow vulnerability to achieve remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vLLM: vLLM: Remote code execution via invalid image processing in the multimodal endpoint.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Critical rather than Important because it allows unauthenticated remote code execution without requiring user interaction, ultimately leading to full compromise of the affected system. An attacker can provide a malicious video URL to a vulnerable vLLM inference endpoint, which causes the service to automatically retrieve and process attacker-controlled media content. During decoding, a heap overflow is triggered in the underlying video processing stack, enabling corruption of heap memory and potential overwriting of control structures to execute arbitrary commands on the host. In addition, an information disclosure condition can leak memory addresses, significantly weakening ASLR protections and making exploitation more reliable when combined with the heap overflow. Successful exploitation compromises the confidentiality, integrity, and availability of the system and can impact deployments such as Red Hat AI Inference Server, Red Hat Enterprise Linux AI, and Red Hat OpenShift AI, thereby meeting Red Hat\u2019s criteria for Critical severity rather than Important impact.\n\nThe vLLM vulnerability depends on CVE-2025-9951, as processing attacker-controlled media can trigger the JPEG2000 decoder heap overflow, which can then be exploited within the vLLM video handling pipeline to cause memory corruption and potentially achieve remote code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22778"
},
{
"category": "external",
"summary": "RHBZ#2436113",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436113"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22778",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22778"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22778",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22778"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/31987",
"url": "https://github.com/vllm-project/vllm/pull/31987"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/32319",
"url": "https://github.com/vllm-project/vllm/pull/32319"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/releases/tag/v0.14.1",
"url": "https://github.com/vllm-project/vllm/releases/tag/v0.14.1"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-4r2x-xpjr-7cvv",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-4r2x-xpjr-7cvv"
}
],
"release_date": "2026-02-02T21:09:53.265000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "vLLM: vLLM: Remote code execution via invalid image processing in the multimodal endpoint."
},
{
"cve": "CVE-2026-22807",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-01-21T22:00:55.823882+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431865"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). This vulnerability allows a remote attacker to achieve arbitrary code execution on the vLLM host during model loading. This occurs because vLLM loads Hugging Face `auto_map` dynamic modules without properly validating the `trust_remote_code` setting. By influencing the model repository or path, an attacker can execute malicious Python code at server startup, even before any API requests are handled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vLLM: vLLM: Arbitrary code execution via untrusted model loading",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as vLLM, an inference and serving engine for large language models, is vulnerable to arbitrary code execution. An attacker influencing the model repository or path can execute malicious Python code during server startup, affecting vLLM versions 0.10.1 through 0.13.x.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22807"
},
{
"category": "external",
"summary": "RHBZ#2431865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431865"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22807",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22807"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/78d13ea9de4b1ce5e4d8a5af9738fea71fb024e5",
"url": "https://github.com/vllm-project/vllm/commit/78d13ea9de4b1ce5e4d8a5af9738fea71fb024e5"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/32194",
"url": "https://github.com/vllm-project/vllm/pull/32194"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/releases/tag/v0.14.0",
"url": "https://github.com/vllm-project/vllm/releases/tag/v0.14.0"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-2pc9-4j83-qjmr",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-2pc9-4j83-qjmr"
}
],
"release_date": "2026-01-21T21:13:11.894000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "To mitigate this issue, ensure that vLLM instances are configured to load models only from trusted and verified repositories. Restrict access to the model repository path to prevent unauthorized modification or introduction of malicious code. Implement strict access controls and integrity checks for all model sources.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vLLM: vLLM: Arbitrary code execution via untrusted model loading"
},
{
"cve": "CVE-2026-24049",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-22T05:00:54.709179+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431959"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "RHBZ#2431959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
}
],
"release_date": "2026-01-22T04:02:08.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
},
{
"cve": "CVE-2026-24486",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-27T01:00:58.032530+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Multipart, a tool for parsing multipart form data in Python applications. This vulnerability, known as path traversal, allows a remote attacker to write uploaded files to any location on the server\u0027s file system. This exploitation occurs when specific non-default configuration options, `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`, are enabled, and a malicious filename is provided during a file upload. The primary consequence is unauthorized file creation or modification, which could lead to system compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-multipart: Python-Multipart: Arbitrary file write via path traversal vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24486"
},
{
"category": "external",
"summary": "RHBZ#2433132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24486",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24486"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24486",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24486"
},
{
"category": "external",
"summary": "https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4",
"url": "https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4"
},
{
"category": "external",
"summary": "https://github.com/Kludex/python-multipart/releases/tag/0.0.22",
"url": "https://github.com/Kludex/python-multipart/releases/tag/0.0.22"
},
{
"category": "external",
"summary": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-wp53-j4wj-2cfg",
"url": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-wp53-j4wj-2cfg"
}
],
"release_date": "2026-01-27T00:34:06.229000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, avoid enabling the `UPLOAD_KEEP_FILENAME=True` configuration option in applications using `python-multipart`. This option, when used with `UPLOAD_DIR`, allows an attacker to write files to arbitrary locations. Disabling or not configuring `UPLOAD_KEEP_FILENAME=True` prevents the path traversal vulnerability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-multipart: Python-Multipart: Arbitrary file write via path traversal vulnerability"
},
{
"cve": "CVE-2026-24779",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-01-27T23:00:53.998772+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class, specifically within the load_from_url and load_from_url_async methods. An attacker can exploit differing interpretations of backslashes by Python parsing libraries used for host restrictions to bypass these restrictions. This allows the attacker to force the vLLM server to make arbitrary requests to internal network resources, potentially leading to information disclosure, denial of service, or unauthorized access within containerized environments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vLLM: vLLM: Server-Side Request Forgery allows internal network access",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT Server-Side Request Forgery (SSRF) vulnerability in vLLM\u0027s `MediaConnector` allows an attacker to bypass host restrictions when processing user-provided URLs. This enables the vLLM server to be coerced into making arbitrary requests to internal network resources. This is critical in containerized deployments, including Red Hat AI Inference Server, Red Hat Enterprise Linux AI, and Red Hat OpenShift AI, where it could facilitate internal network reconnaissance and unauthorized access to other services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24779"
},
{
"category": "external",
"summary": "RHBZ#2433624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24779",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24779"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24779",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24779"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/f46d576c54fb8aeec5fc70560e850bed38ef17d7",
"url": "https://github.com/vllm-project/vllm/commit/f46d576c54fb8aeec5fc70560e850bed38ef17d7"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/32746",
"url": "https://github.com/vllm-project/vllm/pull/32746"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-qh4c-xf7m-gxfc",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-qh4c-xf7m-gxfc"
}
],
"release_date": "2026-01-27T22:01:13.808000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "To mitigate this issue, restrict network access to the vLLM service to only trusted clients. Implement strict network segmentation for vLLM pods in containerized environments to limit potential lateral movement. Ensure that vLLM instances are not exposed to untrusted external networks without proper access controls and input validation at the perimeter.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vLLM: vLLM: Server-Side Request Forgery allows internal network access"
},
{
"cve": "CVE-2026-25990",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-02-11T21:05:39.535631+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439170"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found the Pillow Python imaging library. Providing a specially crafted PSD image may lead to an out-of-bounds write. This could potentially allow for arbitrary code execution or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25990"
},
{
"category": "external",
"summary": "RHBZ#2439170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439170"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25990"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa",
"url": "https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa"
},
{
"category": "external",
"summary": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc",
"url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc"
}
],
"release_date": "2026-02-11T20:53:52.524000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-27T14:55:49+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2026:3462",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image"
}
]
}
RHSA-2026:3710
Vulnerability from csaf_redhat - Published: 2026-03-04 06:00 - Updated: 2026-07-18 09:23A flaw was found in the Node.js WebSocket library (ws). A request with several headers exceeding the 'server.maxHeadersCount' threshold could be used to crash a ws server, leading to a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
Workaround
|
A flaw was found in the npm pbkdf2 library, allowing signature spoofing. When executing in javascript engines other than Nodejs or Nodejs when importing pbkdf2/browser, certain algorithms will silently fail and return invalid data. The return values are predictable, which undermines the security guarantees of the package.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
A flaw was found in the npm pbkdf2 library, allowing signature spoofing. Under specific use cases, pbkdf2 may return static keys. This issue only occurs when running the library on Node.js.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
An improper input validation vulnerability was found in the cipher-base npm package. Missing input type checks in the polyfill of the Node.js `createHash` function result in invalid value calculations, hanging and rewinding the hash state, including turning a tagged hash into an untagged hash, for malicious JSON-stringifyable inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
Workaround
|
A vulnerability was found in sha.js, where the hashing implementation does not perform sufficient input type validation. The .update() function accepts arbitrary objects, including those with crafted length properties, which can alter the internal state machine of the hashing process. This flaw may result in unexpected behavior such as rewinding the hash state, producing inconsistent digest outputs, or entering invalid processing loops. The issue was introduced due to the reliance on JavaScript object coercion rules rather than enforcing strict buffer or string inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
Workaround
|
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
Workaround
|
A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
Workaround
|
A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
Workaround
|
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
Workaround
|
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The 1.15.3 GA release of Red Hat OpenShift Pipelines Operator..\nFor more details see [product documentation](https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines).",
"title": "Topic"
},
{
"category": "general",
"text": "The 1.15.3 release of Red Hat OpenShift Pipelines Operator.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:3710",
"url": "https://access.redhat.com/errata/RHSA-2026:3710"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-37890",
"url": "https://access.redhat.com/security/cve/CVE-2024-37890"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13465",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6545",
"url": "https://access.redhat.com/security/cve/CVE-2025-6545"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6547",
"url": "https://access.redhat.com/security/cve/CVE-2025-6547"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66564",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9287",
"url": "https://access.redhat.com/security/cve/CVE-2025-9287"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9288",
"url": "https://access.redhat.com/security/cve/CVE-2025-9288"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3710.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.15.3",
"tracking": {
"current_release_date": "2026-07-18T09:23:41+00:00",
"generator": {
"date": "2026-07-18T09:23:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.7"
}
},
"id": "RHSA-2026:3710",
"initial_release_date": "2026-03-04T06:00:07+00:00",
"revision_history": [
{
"date": "2026-03-04T06:00:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-04T06:00:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-18T09:23:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Pipelines 1.15",
"product": {
"name": "Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_pipelines:1.15::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Pipelines"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256%3Ab7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772110573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-controller-rhel8@sha256%3Ad2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964902"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-webhook-rhel8@sha256%3A065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964870"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-cli-rhel8@sha256%3Ac7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-controller-rhel8@sha256%3A25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093710"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-watcher-rhel8@sha256%3A0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093722"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-webhook-rhel8@sha256%3Abba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256%3A0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256%3A3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772123833"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256%3Adbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771425314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256%3Acf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964224"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256%3Ad356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772036471"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256%3A5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964207"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256%3A9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256%3A0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256%3A9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771510606"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256%3A37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-sidecarlogresults-rhel8@sha256%3Aca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964076"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256%3A7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964042"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256%3Ad4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964021"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256%3A025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256%3Abc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964091"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256%3A3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964129"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256%3A0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256%3Aa0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964246"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256%3A2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964165"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256%3A494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772110573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-controller-rhel8@sha256%3Aab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964902"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-webhook-rhel8@sha256%3A5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964870"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-cli-rhel8@sha256%3A46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-controller-rhel8@sha256%3A0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093710"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-watcher-rhel8@sha256%3A3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093722"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-webhook-rhel8@sha256%3A540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256%3A416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256%3Aa77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772123833"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256%3Afbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771425314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256%3Afdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964224"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256%3A56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772036471"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256%3A35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964207"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256%3Ab2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256%3A001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256%3Ab767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771510606"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256%3A7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-sidecarlogresults-rhel8@sha256%3A608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964076"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256%3A4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964042"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256%3A578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964021"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256%3Aeae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256%3A8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964091"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256%3A36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964129"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256%3A7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256%3A6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964246"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256%3A5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964165"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256%3Ad52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772110573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-controller-rhel8@sha256%3A7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964902"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-webhook-rhel8@sha256%3A14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964870"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-cli-rhel8@sha256%3A4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-controller-rhel8@sha256%3A375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093710"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-watcher-rhel8@sha256%3A8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093722"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-webhook-rhel8@sha256%3Af2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256%3Ad71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256%3Ac8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772123833"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256%3A1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771425314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256%3A0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964224"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256%3A50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772036471"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256%3A71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964207"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256%3Ab894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256%3A03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256%3A72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771510606"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256%3Aac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-sidecarlogresults-rhel8@sha256%3A2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964076"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256%3A6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964042"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256%3A3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964021"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256%3A534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256%3A1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964091"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256%3A012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964129"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256%3A26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256%3A25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964246"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256%3A8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964165"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256%3Aabca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772110573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-controller-rhel8@sha256%3A23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964902"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256%3Ab33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964207"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-webhook-rhel8@sha256%3A1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964870"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-cli-rhel8@sha256%3A607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-controller-rhel8@sha256%3A739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093710"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-watcher-rhel8@sha256%3A8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093722"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-webhook-rhel8@sha256%3A5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256%3A5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256%3A6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772123833"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256%3A525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771425314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256%3Aea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964224"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256%3A0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772036471"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256%3Af532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256%3A898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256%3Adfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771510606"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256%3A7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-sidecarlogresults-rhel8@sha256%3Afed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964076"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256%3A3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964042"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256%3Afbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964021"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256%3Acea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256%3A26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964091"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256%3A79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964129"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256%3A142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256%3Ae6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964246"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256%3A18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964165"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-37890",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292777"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Node.js WebSocket library (ws). A request with several headers exceeding the \u0027server.maxHeadersCount\u0027 threshold could be used to crash a ws server, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ws: denial of service when handling a request with many HTTP headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-37890"
},
{
"category": "external",
"summary": "RHBZ#2292777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-37890",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37890"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/security/advisories/GHSA-3h5v-q93c-6h6q",
"url": "https://github.com/websockets/ws/security/advisories/GHSA-3h5v-q93c-6h6q"
}
],
"release_date": "2024-06-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T06:00:07+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3710"
},
{
"category": "workaround",
"details": "The issue can be mitigated by reducing the maximum allowed length of the request headers using the --max-http-header-size=size or the maxHeaderSize options so that no more headers than the server.maxHeadersCount limit can be sent. The issue can be mitigated also by seting server.maxHeadersCount to 0.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ws: denial of service when handling a request with many HTTP headers"
},
{
"cve": "CVE-2025-6545",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-06-23T19:00:51.575615+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2374370"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm pbkdf2 library, allowing signature spoofing. When executing in javascript engines other than Nodejs or Nodejs when importing pbkdf2/browser, certain algorithms will silently fail and return invalid data. The return values are predictable, which undermines the security guarantees of the package.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pbkdf2: pbkdf2 silently returns predictable key material",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated important because it causes the pbkdf2 module to quietly return weak or zero-filled keys when certain algorithm names are used incorrectly in browsers or bundled code, this causes the function to silently return a predictable value (such as a zero-filled buffer or uninitialized memory) instead of a securely derived key, completely undermining the confidentiality and integrity of any cryptographic operation where attackers could guess or reuse these keys to access or change protected data.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6545"
},
{
"category": "external",
"summary": "RHBZ#2374370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374370"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6545",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6545"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6545",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6545"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/commit/9699045c37a07f8319cfb8d44e2ff4252d7a7078",
"url": "https://github.com/browserify/pbkdf2/commit/9699045c37a07f8319cfb8d44e2ff4252d7a7078"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb",
"url": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-h7cp-r72f-jxh6",
"url": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-h7cp-r72f-jxh6"
}
],
"release_date": "2025-06-23T18:41:18.771000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T06:00:07+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3710"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pbkdf2: pbkdf2 silently returns predictable key material"
},
{
"cve": "CVE-2025-6547",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-06-23T20:01:13.559691+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2374378"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm pbkdf2 library, allowing signature spoofing. Under specific use cases, pbkdf2 may return static keys. This issue only occurs when running the library on Node.js.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pbkdf2: pbkdf2 silently returns static keys",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because a logic flaw was found in the npm pbkdf2 library where the vulnerability, located in the toBuffer method, causes password and salt inputs provided as Uint8Array objects to be silently ignored. This results in the function returning a static, predictable key derived from empty inputs, completely undermining the security guarantees of any feature that relies on the generated key, this allows an attacker to forge signatures, leading to a complete compromise of the application\u0027s data confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6547"
},
{
"category": "external",
"summary": "RHBZ#2374378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6547"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb",
"url": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-v62p-rq8g-8h59",
"url": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-v62p-rq8g-8h59"
}
],
"release_date": "2025-06-23T19:00:45.472000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T06:00:07+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3710"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pbkdf2: pbkdf2 silently returns static keys"
},
{
"cve": "CVE-2025-9287",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-08-20T22:00:53.821394+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2389932"
}
],
"notes": [
{
"category": "description",
"text": "An improper input validation vulnerability was found in the cipher-base npm package. Missing input type checks in the polyfill of the Node.js `createHash` function result in invalid\u00a0value calculations,\u00a0hanging and\u00a0rewinding the\u00a0hash state, including\u00a0turning a tagged hash\u00a0into an untagged\u00a0hash, for malicious JSON-stringifyable\u00a0inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cipher-base: Cipher-base hash manipulation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9287"
},
{
"category": "external",
"summary": "RHBZ#2389932",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389932"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287"
},
{
"category": "external",
"summary": "https://github.com/browserify/cipher-base/pull/23",
"url": "https://github.com/browserify/cipher-base/pull/23"
},
{
"category": "external",
"summary": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc",
"url": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc"
}
],
"release_date": "2025-08-20T21:43:56.548000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T06:00:07+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3710"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cipher-base: Cipher-base hash manipulation"
},
{
"cve": "CVE-2025-9288",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-08-20T23:00:56.263191+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2389980"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in sha.js, where the hashing implementation does not perform sufficient input type validation. The .update() function accepts arbitrary objects, including those with crafted length properties, which can alter the internal state machine of the hashing process. This flaw may result in unexpected behavior such as rewinding the hash state, producing inconsistent digest outputs, or entering invalid processing loops. The issue was introduced due to the reliance on JavaScript object coercion rules rather than enforcing strict buffer or string inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sha.js: Missing type checks leading to hash rewind and passing on crafted data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was marked as Important rather then Critical because while the lack of input type checks in sha.js allows for hash state rewinding, crafted collisions, and potential denial of service, the vulnerability requires highly specific crafted input objects that are unlikely to occur in typical real-world usage, especially since most applications pass well-formed strings or buffers to hashing functions. Moreover, the cryptographic breakages described, such as nonce reuse leading to private key extraction, are indirect and depend on downstream libraries misusing sha.js for sensitive operations without additional validation layers. As a result, the flaw significantly undermines correctness and robustness of the hashing API, but its exploitability in common production systems is constrained, which could justify viewing it as an Important vulnerability rather than a Critical one.\n\n\nThe flaw requires applications to pass attacker-controlled, non-standard JavaScript objects into hash.update(). Most real-world Node.js applications and libraries already use Buffer, TypedArray, or String inputs, which are unaffected. Furthermore, Node\u2019s built-in crypto module, which is widely adopted, enforces stricter type-checking and is not impacted. As a result, the vulnerability mainly threatens projects that (a) directly depend on sha.js for cryptographically sensitive operations, and (b) hash untrusted input without type validation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9288"
},
{
"category": "external",
"summary": "RHBZ#2389980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389980"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288"
},
{
"category": "external",
"summary": "https://github.com/browserify/sha.js/pull/78",
"url": "https://github.com/browserify/sha.js/pull/78"
},
{
"category": "external",
"summary": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5",
"url": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
}
],
"release_date": "2025-08-20T21:59:44.728000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T06:00:07+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3710"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sha.js: Missing type checks leading to hash rewind and passing on crafted data"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T06:00:07+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3710"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-13465",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2026-01-21T20:01:28.774829+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: prototype pollution in _.unset and _.omit functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable by applications using the _.unset and _.omit functions on an object and allowing user input to determine the path of the property to be removed. This issue only allows the deletion of properties but does not allow overwriting their behavior, limiting the impact to a denial of service. Due to this reason, this vulnerability has been rated with an important severity.\n\nIn Grafana, JavaScript code runs only in the browser, while the server side is all Golang. Therefore, the worst-case scenario is a loss of functionality in the client application inside the browser. To reflect this, the CVSS availability metric and the severity of the Grafana and the Grafana-PCP component have been updated to low and moderate, respectively.\n\nThe lodash dependency is bundled and used by the pcs-web-ui component of the PCS package. In Red Hat Enterprise Linux 8.10, the pcs-web-ui component is no longer included in the PCS package. As a result, RHEL 8.10 does not ship the vulnerable lodash component within PCS and is therefore not-affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "RHBZ#2431740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg",
"url": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg"
}
],
"release_date": "2026-01-21T19:05:28.846000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T06:00:07+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3710"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: prototype pollution in _.unset and _.omit functions"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T06:00:07+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3710"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T06:00:07+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3710"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T06:00:07+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3710"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2025-66564",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:11.786030+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The Sigstore Timestamp Authority, a service for issuing RFC 3161 timestamps, is prone to excessive memory allocation. This occurs when processing untrusted OID payloads with many period characters or malformed Content-Type headers. An unauthenticated attacker could exploit this flaw to trigger a denial of service in affected Red Hat products that utilize this component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "RHBZ#2419054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66564",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421",
"url": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh",
"url": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh"
}
],
"release_date": "2025-12-04T22:37:13.307000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T06:00:07+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3710"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing"
}
]
}
RHSA-2026:3712
Vulnerability from csaf_redhat - Published: 2026-03-04 07:12 - Updated: 2026-07-18 09:23A flaw was found in the Node.js WebSocket library (ws). A request with several headers exceeding the 'server.maxHeadersCount' threshold could be used to crash a ws server, leading to a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
Workaround
|
A flaw was found in the npm pbkdf2 library, allowing signature spoofing. When executing in javascript engines other than Nodejs or Nodejs when importing pbkdf2/browser, certain algorithms will silently fail and return invalid data. The return values are predictable, which undermines the security guarantees of the package.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
A flaw was found in the npm pbkdf2 library, allowing signature spoofing. Under specific use cases, pbkdf2 may return static keys. This issue only occurs when running the library on Node.js.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
An improper input validation vulnerability was found in the cipher-base npm package. Missing input type checks in the polyfill of the Node.js `createHash` function result in invalid value calculations, hanging and rewinding the hash state, including turning a tagged hash into an untagged hash, for malicious JSON-stringifyable inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
Workaround
|
A vulnerability was found in sha.js, where the hashing implementation does not perform sufficient input type validation. The .update() function accepts arbitrary objects, including those with crafted length properties, which can alter the internal state machine of the hashing process. This flaw may result in unexpected behavior such as rewinding the hash state, producing inconsistent digest outputs, or entering invalid processing loops. The issue was introduced due to the reliance on JavaScript object coercion rules rather than enforcing strict buffer or string inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
Workaround
|
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
Workaround
|
A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
Workaround
|
A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
Workaround
|
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
Workaround
|
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The 1.15.4 GA release of Red Hat OpenShift Pipelines Operator..\nFor more details see [product documentation](https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines).",
"title": "Topic"
},
{
"category": "general",
"text": "The 1.15.4 release of Red Hat OpenShift Pipelines Operator.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:3712",
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-37890",
"url": "https://access.redhat.com/security/cve/CVE-2024-37890"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13465",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6545",
"url": "https://access.redhat.com/security/cve/CVE-2025-6545"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6547",
"url": "https://access.redhat.com/security/cve/CVE-2025-6547"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66564",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9287",
"url": "https://access.redhat.com/security/cve/CVE-2025-9287"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9288",
"url": "https://access.redhat.com/security/cve/CVE-2025-9288"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3712.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.15.4",
"tracking": {
"current_release_date": "2026-07-18T09:23:45+00:00",
"generator": {
"date": "2026-07-18T09:23:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.7"
}
},
"id": "RHSA-2026:3712",
"initial_release_date": "2026-03-04T07:12:04+00:00",
"revision_history": [
{
"date": "2026-03-04T07:12:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-04T09:09:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-18T09:23:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Pipelines 1.15",
"product": {
"name": "Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_pipelines:1.15::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Pipelines"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256%3Ab7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772110573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-controller-rhel8@sha256%3Ad2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964902"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-webhook-rhel8@sha256%3A065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964870"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-cli-rhel8@sha256%3Ac7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-controller-rhel8@sha256%3A25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093710"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-watcher-rhel8@sha256%3A0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093722"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-webhook-rhel8@sha256%3Abba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256%3A0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256%3A3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772123833"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256%3Adbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771425314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256%3Acf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964224"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256%3Ad356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772036471"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256%3A5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964207"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256%3A9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256%3A0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256%3A9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771510606"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256%3A37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-sidecarlogresults-rhel8@sha256%3Aca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964076"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256%3A7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964042"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256%3Ad4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964021"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256%3A025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256%3Abc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964091"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256%3A3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964129"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256%3A0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256%3Aa0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964246"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256%3A2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964165"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256%3A494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772110573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-controller-rhel8@sha256%3Aab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964902"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-webhook-rhel8@sha256%3A5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964870"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-cli-rhel8@sha256%3A46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-controller-rhel8@sha256%3A0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093710"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-watcher-rhel8@sha256%3A3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093722"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-webhook-rhel8@sha256%3A540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256%3A416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256%3Aa77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772123833"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256%3Afbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771425314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256%3Afdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964224"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256%3A56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772036471"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256%3A35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964207"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256%3Ab2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256%3A001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256%3Ab767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771510606"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256%3A7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-sidecarlogresults-rhel8@sha256%3A608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964076"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256%3A4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964042"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256%3A578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964021"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256%3Aeae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256%3A8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964091"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256%3A36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964129"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256%3A7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256%3A6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964246"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256%3A5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964165"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256%3Ad52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772110573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-controller-rhel8@sha256%3A7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964902"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-webhook-rhel8@sha256%3A14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964870"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-cli-rhel8@sha256%3A4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-controller-rhel8@sha256%3A375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093710"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-watcher-rhel8@sha256%3A8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093722"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-webhook-rhel8@sha256%3Af2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256%3Ad71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256%3Ac8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772123833"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256%3A1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771425314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256%3A0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964224"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256%3A50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772036471"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256%3A71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964207"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256%3Ab894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256%3A03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256%3A72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771510606"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256%3Aac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-sidecarlogresults-rhel8@sha256%3A2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964076"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256%3A6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964042"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256%3A3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964021"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256%3A534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256%3A1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964091"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256%3A012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964129"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256%3A26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256%3A25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964246"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256%3A8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964165"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256%3Aabca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772110573"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-controller-rhel8@sha256%3A23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964902"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-webhook-rhel8@sha256%3A1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964870"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-cli-rhel8@sha256%3A607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-controller-rhel8@sha256%3A739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093710"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-watcher-rhel8@sha256%3A8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093722"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-webhook-rhel8@sha256%3A5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256%3A5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772093872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256%3A6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772123833"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256%3A525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771425314"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256%3Aea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964224"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256%3A0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1772036471"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256%3Ab33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964207"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256%3Af532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964128"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256%3A898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256%3Adfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771510606"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256%3A7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-sidecarlogresults-rhel8@sha256%3Afed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964076"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256%3A3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964042"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256%3Afbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964021"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256%3Acea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256%3A26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964091"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256%3A79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964129"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256%3A142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256%3Ae6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964246"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"product": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"product_id": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256%3A18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines\u0026tag=1771964165"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64 as a component of Red Hat OpenShift Pipelines 1.15",
"product_id": "Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
},
"product_reference": "registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64",
"relates_to_product_reference": "Red Hat OpenShift Pipelines 1.15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-37890",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292777"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Node.js WebSocket library (ws). A request with several headers exceeding the \u0027server.maxHeadersCount\u0027 threshold could be used to crash a ws server, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ws: denial of service when handling a request with many HTTP headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-37890"
},
{
"category": "external",
"summary": "RHBZ#2292777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-37890",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37890"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/security/advisories/GHSA-3h5v-q93c-6h6q",
"url": "https://github.com/websockets/ws/security/advisories/GHSA-3h5v-q93c-6h6q"
}
],
"release_date": "2024-06-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "workaround",
"details": "The issue can be mitigated by reducing the maximum allowed length of the request headers using the --max-http-header-size=size or the maxHeaderSize options so that no more headers than the server.maxHeadersCount limit can be sent. The issue can be mitigated also by seting server.maxHeadersCount to 0.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ws: denial of service when handling a request with many HTTP headers"
},
{
"cve": "CVE-2025-6545",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-06-23T19:00:51.575615+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2374370"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm pbkdf2 library, allowing signature spoofing. When executing in javascript engines other than Nodejs or Nodejs when importing pbkdf2/browser, certain algorithms will silently fail and return invalid data. The return values are predictable, which undermines the security guarantees of the package.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pbkdf2: pbkdf2 silently returns predictable key material",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated important because it causes the pbkdf2 module to quietly return weak or zero-filled keys when certain algorithm names are used incorrectly in browsers or bundled code, this causes the function to silently return a predictable value (such as a zero-filled buffer or uninitialized memory) instead of a securely derived key, completely undermining the confidentiality and integrity of any cryptographic operation where attackers could guess or reuse these keys to access or change protected data.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6545"
},
{
"category": "external",
"summary": "RHBZ#2374370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374370"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6545",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6545"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6545",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6545"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/commit/9699045c37a07f8319cfb8d44e2ff4252d7a7078",
"url": "https://github.com/browserify/pbkdf2/commit/9699045c37a07f8319cfb8d44e2ff4252d7a7078"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb",
"url": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-h7cp-r72f-jxh6",
"url": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-h7cp-r72f-jxh6"
}
],
"release_date": "2025-06-23T18:41:18.771000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pbkdf2: pbkdf2 silently returns predictable key material"
},
{
"cve": "CVE-2025-6547",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-06-23T20:01:13.559691+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2374378"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the npm pbkdf2 library, allowing signature spoofing. Under specific use cases, pbkdf2 may return static keys. This issue only occurs when running the library on Node.js.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pbkdf2: pbkdf2 silently returns static keys",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because a logic flaw was found in the npm pbkdf2 library where the vulnerability, located in the toBuffer method, causes password and salt inputs provided as Uint8Array objects to be silently ignored. This results in the function returning a static, predictable key derived from empty inputs, completely undermining the security guarantees of any feature that relies on the generated key, this allows an attacker to forge signatures, leading to a complete compromise of the application\u0027s data confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6547"
},
{
"category": "external",
"summary": "RHBZ#2374378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374378"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6547"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb",
"url": "https://github.com/browserify/pbkdf2/commit/e3102a8cd4830a3ac85cd0dd011cc002fdde33bb"
},
{
"category": "external",
"summary": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-v62p-rq8g-8h59",
"url": "https://github.com/browserify/pbkdf2/security/advisories/GHSA-v62p-rq8g-8h59"
}
],
"release_date": "2025-06-23T19:00:45.472000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pbkdf2: pbkdf2 silently returns static keys"
},
{
"cve": "CVE-2025-9287",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-08-20T22:00:53.821394+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2389932"
}
],
"notes": [
{
"category": "description",
"text": "An improper input validation vulnerability was found in the cipher-base npm package. Missing input type checks in the polyfill of the Node.js `createHash` function result in invalid\u00a0value calculations,\u00a0hanging and\u00a0rewinding the\u00a0hash state, including\u00a0turning a tagged hash\u00a0into an untagged\u00a0hash, for malicious JSON-stringifyable\u00a0inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cipher-base: Cipher-base hash manipulation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9287"
},
{
"category": "external",
"summary": "RHBZ#2389932",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389932"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287"
},
{
"category": "external",
"summary": "https://github.com/browserify/cipher-base/pull/23",
"url": "https://github.com/browserify/cipher-base/pull/23"
},
{
"category": "external",
"summary": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc",
"url": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc"
}
],
"release_date": "2025-08-20T21:43:56.548000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cipher-base: Cipher-base hash manipulation"
},
{
"cve": "CVE-2025-9288",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-08-20T23:00:56.263191+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2389980"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in sha.js, where the hashing implementation does not perform sufficient input type validation. The .update() function accepts arbitrary objects, including those with crafted length properties, which can alter the internal state machine of the hashing process. This flaw may result in unexpected behavior such as rewinding the hash state, producing inconsistent digest outputs, or entering invalid processing loops. The issue was introduced due to the reliance on JavaScript object coercion rules rather than enforcing strict buffer or string inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sha.js: Missing type checks leading to hash rewind and passing on crafted data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was marked as Important rather then Critical because while the lack of input type checks in sha.js allows for hash state rewinding, crafted collisions, and potential denial of service, the vulnerability requires highly specific crafted input objects that are unlikely to occur in typical real-world usage, especially since most applications pass well-formed strings or buffers to hashing functions. Moreover, the cryptographic breakages described, such as nonce reuse leading to private key extraction, are indirect and depend on downstream libraries misusing sha.js for sensitive operations without additional validation layers. As a result, the flaw significantly undermines correctness and robustness of the hashing API, but its exploitability in common production systems is constrained, which could justify viewing it as an Important vulnerability rather than a Critical one.\n\n\nThe flaw requires applications to pass attacker-controlled, non-standard JavaScript objects into hash.update(). Most real-world Node.js applications and libraries already use Buffer, TypedArray, or String inputs, which are unaffected. Furthermore, Node\u2019s built-in crypto module, which is widely adopted, enforces stricter type-checking and is not impacted. As a result, the vulnerability mainly threatens projects that (a) directly depend on sha.js for cryptographically sensitive operations, and (b) hash untrusted input without type validation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9288"
},
{
"category": "external",
"summary": "RHBZ#2389980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389980"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288"
},
{
"category": "external",
"summary": "https://github.com/browserify/sha.js/pull/78",
"url": "https://github.com/browserify/sha.js/pull/78"
},
{
"category": "external",
"summary": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5",
"url": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
}
],
"release_date": "2025-08-20T21:59:44.728000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sha.js: Missing type checks leading to hash rewind and passing on crafted data"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-13465",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2026-01-21T20:01:28.774829+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: prototype pollution in _.unset and _.omit functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable by applications using the _.unset and _.omit functions on an object and allowing user input to determine the path of the property to be removed. This issue only allows the deletion of properties but does not allow overwriting their behavior, limiting the impact to a denial of service. Due to this reason, this vulnerability has been rated with an important severity.\n\nIn Grafana, JavaScript code runs only in the browser, while the server side is all Golang. Therefore, the worst-case scenario is a loss of functionality in the client application inside the browser. To reflect this, the CVSS availability metric and the severity of the Grafana and the Grafana-PCP component have been updated to low and moderate, respectively.\n\nThe lodash dependency is bundled and used by the pcs-web-ui component of the PCS package. In Red Hat Enterprise Linux 8.10, the pcs-web-ui component is no longer included in the PCS package. As a result, RHEL 8.10 does not ship the vulnerable lodash component within PCS and is therefore not-affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "RHBZ#2431740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg",
"url": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg"
}
],
"release_date": "2026-01-21T19:05:28.846000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: prototype pollution in _.unset and _.omit functions"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2025-66564",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:11.786030+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The Sigstore Timestamp Authority, a service for issuing RFC 3161 timestamps, is prone to excessive memory allocation. This occurs when processing untrusted OID payloads with many period characters or malformed Content-Type headers. An unauthenticated attacker could exploit this flaw to trigger a denial of service in affected Red Hat products that utilize this component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "RHBZ#2419054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66564",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421",
"url": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh",
"url": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh"
}
],
"release_date": "2025-12-04T22:37:13.307000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-04T07:12:04+00:00",
"details": "Red Hat OpenShift Pipelines is a cloud-native, continuous integration and\ncontinuous delivery (CI/CD) solution based on Kubernetes resources.\nIt uses Tekton building blocks to automate deployments across multiple\nplatforms by abstracting away the underlying implementation details.\nTekton introduces a number of standard custom resource definitions (CRDs)\nfor defining CI/CD pipelines that are portable across Kubernetes distributions.",
"product_ids": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3712"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:0cb744cb7946d857a2cffec641fcbc994e77ddc8d4a5b14c17a28621f4a0a4a9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:416c99f02abb6274fc87b2599e96b90e74e7a94c28806629c2b98fb2dc7e2afc_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:5c78dfe2380653f0167358565c8b7cab1010321a4eda27ec931715805ab2c256_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d71dc72648f45660ae1fd98acac0f1876540cac853f5c097ab85c3a5f2c2084f_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:494857108f0b09c8b8985062cc11b9879d126b207fcd72f6abb64ded3d8d1793_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:abca24c41cb24749e70a90aac93354d1924785e3eaf92a55b6906690861bac49_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:b7b03dd023aafe65290969336bcf9e0b7a241c3510dcb3d26519581ba4eed719_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8@sha256:d52e4a16b2908e99f1e69a1e2ee9233a231fd28c70916ed06c9cd8560478340c_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:35c7d22ab878030711c1ec9d340f25f78257ca3eabdcb5db23db90e80d55e8f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:5345cdb7e11186fda1577345f0e426946a5ee9e6bbe6486845511f03114dbe52_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:71d7e93eb9e845a429a7e68801ce7675ffdeebb730c236a8b6c3d59767d8e5d8_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8@sha256:b33b33412464a6d0bf510e6dd2dc7df8b4ced9a5c08a14d8522db6c8457d1a36_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:9209e159bb11236b49511ed3a59c7f687d06a9f82a02497a637d765cc14ea0c3_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b2c21a004712bd198698ea75793e57abbe1665e17479e34d0b5e8c81d60b967d_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:b894d94d3e18dc2f4f71f4e791e25da158397264b49ac82f4780ac3322e66200_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8@sha256:f532249811710dde78cab85e31f99bfebb5ee161167f8116ea00297ac343eefd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:001e28b882e81e4d424b2e1a39933211f15e68048406a6432e6ec59e4b96cc2c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:03dc5eb942a8fb202d8d6492764d5d27dcc326b556bb068070c10b00a3a9d277_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:0e59fd179abc02c54784b3293bc3d21087bd0ec135c691c5523879149da33a5a_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-events-rhel8@sha256:898085897ff200fdba4d6c14b59548c7fe53164a8c2649e2263a69116737edbf_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:3479cbadb4aa7bab5cc56115d7efe4e406d60010e28561857804926c3fbac9cc_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:6067cedcfde517cc751e14030c620126ea6facf50a4ff16374ca8ebe7bfcbe8b_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:a77292658b1ef1e2922f2b7c904ff73c8911bb84f130953897c3a66aec8560da_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8@sha256:c8aaf02aede730dacca2eed8bb32044f39b74d3ee3fd619a0fa2af864d874fa6_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:1066cf4185e3cd917c05e6d6759fb0a69428c4b43398df10dff8abe523761c09_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:525bbd7fe14ba88b4d9be13c5857e477e3a8daac1185a146707ebb8ef8e81acd_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:dbb678695a4bd07c27a14fec9b70359929bf0d4d33d9ce2d70d1b5157e5026c1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8@sha256:fbddec04429c15c833b7631fe3d7c783d33520f30f6d5c8aef2e66b7634873b8_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:0a12cf22aa798dbc3661f7e83aa9c280fe394de5b0ecc6ed7c93be1df539fce9_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:cf30088c2a33f0717657b0ac7c2df1544cb02a39e235011c9d21c658222ef39e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:ea7aae64763683de9e3fcbda5d6865c975a561b8c6b4299be9dd34088bc5e684_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:fdd2f4bffececf03b6566cf573fdf6224495d79a75ad1031219fad9902d7a3f1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:0dee713a14ab49d93b52b280d4ca3c6fc1c5f604087c81b755a6715330c91ea7_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:50133b51c695735e5f1fdb54d5423331091c1d113b0747d9565a42839d7510bc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:56bf189b754dee71d8b4ce9e44389b4ca0762e5f633e728210825472f4c8f3f6_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8@sha256:d356f3a86b2d3054a9f9c6e36bd488c8eaaef4af199e6a8188f8b50921698d25_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:23a535f97d17329cf2a1cc9dde90d4d9e2f3f5d979539a8ef5982e1f6693b144_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:7b61bda6116f3f1e93c856543ade553b0a1e4353542f5147da6929a5a8adbac3_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:ab98453c7e13ef2a9429531a1b1635e814df4784599be5c79848fcc849d05136_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8@sha256:d2993b1a28d230faf64f020c8e8248e06fabf5cd225189b8218a71b2f40e6a9b_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:065def0cfd1e282fd57faedff24873ddb4057afd42d4abc887859c6b8cf8c901_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:14e1402c0d2f4d449146471fff84f6548affdbcd81d1864bce0d29c29ccb15bd_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:1709fbbd4a92d49d492e6bc977f2c32efe4559bde59668e818be70d38acdf757_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8@sha256:5f9e44c7e682756007cc7bc493511c4a44536a04271ec1984f5a3ece7f1a8a49_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:72978ab3728ae29e51b68affb9e0b9a501bc69653c392783cb9ea121c8971661_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:9a0cf80bdfe89d4c472dc555f314d0bd5c4763bc637d45ddd89b8bb78236a44f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:b767a9acd7013d08b744b8155cecbe219bfd7a416a3f1ac3a129d67ab062741a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8@sha256:dfb1b5680a223da82b0b2dada35342525a88a925f4d22b8168c7edcf2b93049c_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:46612f85239df62f6c6d3684367e34a06ddf3982754d5d130b5c0d77f587deea_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:4c111f708f6ae46c74f7ecae415b9b12e1cbb0380f97c4bee6f98ce32de0ef18_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:607ba1de03fdda867014d183a7f54745c6d687441d7e230cbe45d9234c623ed2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8@sha256:c7633b12a75e2a382fb3104a6fcc03227dcc980d2d764f828c75b48ccf73bbab_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:0a2fbc739785a2cc2ad17b79e360788216b2a87422e7d1512ea59a8672557a3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:25c1f3d9abd1e123e2a11e5349c0b59eb24238a10dc16e01e59976d061ea7af7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:375388a1122a4bc5ffe695d4f8c69c9cf0c1d65ba89e92a6caeb68be40fbbbdc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8@sha256:739b8da7ebcad332129f65fee9e17f2b29370b1f68c030e3751d2f37ed4f9326_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:0d2a673d31a7b920fce466a25fa1968c57fe95d1c8c5bd2759f5de611d000b5f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:3542aba4cb22ce189574cf439a9dc758678e6272b83d8ff6089f1815284c576b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8c97cb0a4a88a1ddb7a6e7650100e958464b526d7c1454c306c7326f75ca0ab1_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8@sha256:8ce8fce1d1e1acd9fb44dc4d5797e57fe8e349624f6c7b1351757d7d6143b679_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:540dd3000891505e605b3f269f99da6c53d1e452cf35bb7a1918bb8ce190772b_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:5f0ff9a2dfa1468eff57b5e44d971056d06e6c5a2672e14717686b3eba17a341_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:bba628b46144f5d52f4a6e303d1b90c9a7f4a0a7b3f0c13839f9f795da874254_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8@sha256:f2ee01a1a497bd505ca1289290c0a07eda82901e698079fe1bc6557519d4ee99_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:37002485d6cf0f0ce261894d23db0bf94291fa7a121a154d15e5e4dcde20961f_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7561c3f65b9ea5268ed46b35f821c319abb1b4cb0894885a5a205cb920842b50_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:7f56583cad2cef40a2be5f4e96a62fcc155c8818fdc7d786400fadb60c85e631_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8@sha256:ac72ab75d693dd84576e61df319e891b3de889f4e347c9c5b6597ccbd529ae0d_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:025fa4d5b4ca78c69f85c8836f9e585f71c2e48466ff7f38fab36dc66f65880e_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:534369ccbc380afa8482d089c9806484843122f9f3ece03d468604ef2de1daff_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:cea3159fd16b609ef54d99bf435f72c142f0f7ecbbe3c3eaa9dd2035267395d2_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8@sha256:eae22f08294cb4179c659fca1effea2fc9f270a3059ddd32cf5a9ba1aaf8d2d1_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:1873003c677cb43b754c22493f9ecd91fa61eced098816823b7bceaf2051113a_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26e9f9232764f62c9c8ec24c3f7938fdaa362f4f10b6c71c894b1cea92f55404_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:8969e863a2ac74d0ab37812bd0aa5d86f261b97d0c2fecd0f35d2343c2f5bd67_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8@sha256:bc98620c8b16b39d796d81f25bd30ff227f2f2e723536bf28d55bdc76e9ac1ad_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:2f5cd53d974785de7aa44cb7ff7340e08c44a98eac5b3b60a9eb4535e63e62f7_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:608f3eb154f67488869fceeee31df1bcf596385c41d03c7390364153bac6b8b2_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:ca0bcdf562b50a8d2d665172658de8f444dab6fb4ca39ce49abb253e05aa8c7c_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-sidecarlogresults-rhel8@sha256:fed536fdc9330d719dda8baef65c856e9c301e86363b767a52f78fea8336103e_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:012597e8046bf9f3e53d6f3c9543405e77ad5fd8f44964bc669cdf9581726170_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:36959d582ce1a74d7bf594b8e1b84edfa14233ddc2a2b22fcb66c0a0335a7bd3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3888fb9d6780e137b4545e8830f45383e68ca84a42394749b64e391d535172e7_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:79af298015635f2bde40b74943cc5aa201d8bef1cb1d333938816757328609e6_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:0d45b4a62b0fc7e101f68e94d6f1b18bc1a2770cccfebc27380d1bbcafbabb49_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:142369000580845dc3a0da67cf4de781dd2ad1ccaa6acf234d7650424e95bf09_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:26d9157c1a6c7d0cfcde263a0a17b15cca996b2b79c6cf0168a16304068c6abc_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:7a4aa11a1273f668d89230adaa720b4e1fcea0cbaa57c63fa01a2cf6867d981c_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:25f485a1b1e0c5015304744148e7a3fbb6728fe90f389e5d507b2d36917efdf5_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:6f30b86646ff8d94ba28949bdf826d751fba38c824a3acabb1480896f41d411a_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:a0663bcada815073c34ec07a99cd53242db85e933912c48b5ed25892ccfa4eb1_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:e6213a9e4243024eb73cef85526dbc294920f0e7c35b031d4b46bc5a5072af23_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:18c0e9a76603a5312f3c7e2b9d468fe5a6d1e3f3f3b41c5ddcad952f6a49e528_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:2723ec216e5ead0550a5dece8b4ef76abade44503ff67da9becdb59ee6a74b64_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:5f68ba66d17d612702cc47916df916b751c3b8d71faa094f1a174cb4338c3d68_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:8d927c5044b9df81791f00774e7831f0a4d5a458f7a335f8bf925696b5479548_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:3d6ba54c22f00a6eefdb5a920e9f2a377cd25f46ac0ce43fbbd207f9bddf87af_amd64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:4f9a87bf93808a7c27c0bcd5387527fd9261f4c666da11e4f5ba8f831028fc3e_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:6ecd313eff04d48c873fa3b4b3a0e1bc94e1e715ab5919e33718a06a2b561851_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8@sha256:7efeac843ef6910c061c535e290dc43a8fca0522e1897845237bff9df7706da9_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:3e51c0031aaefd0b1ae80908c887075c82888f29552a4b71a3de6148ed6a7fb4_s390x",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:578c9afda064065cc2f4e18b59dbb92cf78015654573de80a72bc4e56fc0d1f3_ppc64le",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:d4fa2a61f381b3f00b9fb76cb1d019b28a2413a936f9b5a786d1d98e8a8361a0_arm64",
"Red Hat OpenShift Pipelines 1.15:registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:fbbf6924f67a455359ccd4e884e1608fb20475850e874874d158f5f2e01425c8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.